The “internet of medical things” is lowering costs and ushering in a new era of patient care. But with an anticipated 2.3 billion new devices coming into global health care facilities by 2025, the threat landscape is expanding “tremendously,” Palo Alto Networks SVP Anand Oswal said at the vendor’s Ignite event this week.

Most medical IoT devices are not designed with a security-first mindset, Oswal explained. According to Palo Alto Networks’ Unit 42 research arm, 83% of medical imaging devices like CT scanners and X-ray machines are running on outdated operating systems without the latest security patch.

“The moment [hospitals] see an attack [their] instinct is to shut down the network so they can isolate or understand where the source is and prevent it from spreading,” Oswal said, pointing to a ransomware attack on Texas’ OakBend Medical Center, which saw the facility shut down emergency response infrastructure in October.

“I get it, but you can't do that,” he added. “This is critical infrastructure.”

Additionally, Oswal said health care has more legacy architectures than most industries and often relies on too many point solutions, which makes setting security policy, managing solutions, and training employees to use them all the more difficult.

Many existing point solutions also only provide partial visibility into medical IoT devices, Palo Alto Networks' VP of IoT Security Products Xu Zou added.

“Point solutions on the market even as of today only can help the CISOs team get to partial visibility of those devices,” Zou told SDxCentral in an earlier interview. “They could not address the security, which means just like a doctor, that can tell you, hey, you have these diseases, but cannot find a way to cure that disease.”

ML Automates IoT Security

Palo Alto Networks found that malware distribution accounts for 40% of all attacks on medical IoT devices, according to Zou. With malware becoming increasingly advanced, the vendor’s latest zero-trust Medical IoT Security solution relies heavily on machine learning (ML) to detect and prevent what he calls “zero day, very advanced malware attacks.”

Applying ML to IoT security enables health care facilities to create device rules with automated security responses, automate zero-trust policy recommendations and enforcement, and segment networks to ensure a device only communicates with authorized systems.

Oswal said the ML-based approach can also help automate identifying devices regardless of their “manufacturers, types, OS systems, configurations, etc.”

With billions of medical IoT devices coming online in the next decade, “you’ve got to find a way to automate policy creation so it's easier to onboard these devices,” he added. “If you ordered a great CT scan machine – which cost millions – and that takes you months to turn it on operationally, it's not effective.”

IoT Security Through the SASE Network

To cope with COVID-19, hospitals started to do remote diagnostics and patient monitoring, meaning medical equipment and sensitive information were dispersed outside hospital boundaries, Zou noted.

Palo Alto Networks’ Medical IoT Security solution, he added, is available through its secure access service edge (SASE) platform, which combines cloud networking and security capabilities into one infrastructure. This allows information spreading to “patients’ homes, on the road, outside the hospital boundaries,” to travel through the SASE network and reach hospitals’ data centers or clouds to enable medical IoT security, Zou explained.

“It’s extremely important for hospitals to not only secure devices inside of the hospital boundary, but to secure medical equipment and sensitive patient information everywhere else,” he said. “It's truly important for hospitals to not only think about the security inside of the physical boundary of the hospital, but the security associated with every patient.”