63% of Recognized Exploited Vulnerabilities Tracked by CISA Are on Healthcare Group Networks

Troutman Pepper Forms Incidents and Investigations Team


NEW YORK and ORLANDO, Fla., March 12, 2024/PRNewswire/ —Claroty, the cyber-physical methods (CPS) safety firm, launched as we speak on the annual HIMSS24 convention a brand new report that uncovered regarding information concerning the safety of medical gadgets linked to healthcare group networks corresponding to hospitals and clinics.

The State of CPS Security Report: Healthcare 2023 found a staggering 63% of CISA-tracked Recognized Exploited Vulnerabilities (KEVs) on these networks, and that 23% of medical gadgets—together with imaging gadgets, medical IoT gadgets, and surgical procedure gadgets—have at the least one KEV.

Within the first healthcare-focused version of The State of CPS Safety Report, Team82, Claroty’s award-winning analysis group, examines how the problem of increasingly more linked medical gadgets and affected person methods coming on-line will increase publicity to the rising tide of cyberattacks centered on disrupting hospital operations. The purpose of this analysis is to exhibit the broad connectivity of important medical gadgets—from imaging methods to infusion pumps—and describe the implications of their publicity on-line. Vulnerabilities and implementation weaknesses ceaselessly floor in Team82’s analysis, and a direct line might be drawn to probably unfavourable affected person outcomes in every of those instances.

“Connectivity has spurred massive modifications in hospital networks, creating dramatic enhancements in affected person care with docs in a position to remotely diagnose, prescribe, and deal with with a never-before-seen effectivity,” stated Amir Preminger, vice chairman of analysis at Claroty. “Nevertheless, the rise in connectivity requires correct community structure and an understanding of the publicity to attackers that it introduces. Healthcare organizations and their safety companions should develop insurance policies and techniques that stress the necessity for resilient medical gadgets and methods that may stand up to intrusions. This contains safe distant entry, prioritizing threat administration, and implementing segmentation.”

Key Findings:

Visitor Community Publicity: 22% of hospitals have linked gadgets that bridge visitor networks—which give sufferers and guests with WiFi entry—and inside networks. This creates a harmful assault vector, as an attacker can shortly discover and goal property on the general public WiFi, and leverage that entry as a bridge to the inner networks the place affected person care gadgets reside. In truth, Team82’s analysis confirmed a surprising 4% of surgical gadgets—important tools that in the event that they fail might negatively influence affected person care—talk on visitor networks.

Unsupported or Finish-of-Life OSs: 14% of linked medical gadgets are working on unsupported or end-of-life OSs. Of the unsupported gadgets, 32% are imaging gadgets, together with X-Ray and MRI methods, that are important to prognosis and prescriptive remedy, and seven% are surgical gadgets.

Excessive Chance of Exploitation: The report examined gadgets with excessive Exploit Prediction Scoring System (EPSS) scores, which signify the chance {that a} software program vulnerability can be exploited within the wild on a scale of 0-100. Evaluation confirmed that 11% of affected person gadgets, corresponding to infusion pumps, and 10% of surgical gadgets include vulnerabilities with excessive EPSS scores. Digging deeper, when taking a look at gadgets with unsupported OSs, 85% of surgical gadgets in that class have excessive EPSS scores.

Remotely Accessible Units: This analysis examined which medical gadgets are remotely accessible and located these with a excessive consequence of failure, together with defibrillators, robotic surgical procedure methods, and defibrillator gateways, are amongst this group. Analysis additionally confirmed 66% of imaging gadgets, 54% of surgical gadgets, and 40% of affected person gadgets to be remotely accessible.

To entry Team82’s full set of findings, in-depth evaluation, and really useful safety measures in response to vulnerability traits, obtain the “State of CPS Security Report: Healthcare 2023.”

For extra details about this report and Claroty’s newly launched Advanced Anomaly Threat Detection Module for the Medigate by Claroty platform, discover us at HIMSS International Well being Convention, sales space #1627, happening March 11-15 in Orlando, Fla.


The State of CPS Safety Report: Healthcare 2023 is a snapshot of healthcare cybersecurity traits, medical gadget vulnerabilities, and incidents noticed and analyzed by Team82, Claroty’s risk analysis crew, and our information scientists. Data and insights from trusted open sources, together with the Nationwide Vulnerability Database (NVD), the Cybersecurity and Infrastructure Safety Company (CISA), the Healthcare Sector Coordinating Council Working Group, and others, additionally have been used to deliver invaluable context to our findings.


The first writer of this report is Chen Fradkin, full stack information scientist at Claroty. Contributors embody: Ty Greenhalgh, trade principal healthcare, Yuval Halaban, threat crew lead, Rotem Mesika, risk and threat group lead, Nadav Erez, vice chairman of knowledge and Amir Preminger, vice chairman of analysis. Particular due to the whole thing of Team82 and the info division for offering distinctive help to varied features of this report and analysis efforts that fueled it.

About Claroty
Claroty empowers organizations to safe cyber-physical methods throughout industrial, healthcare, business, and public sector environments: the Prolonged Web of Issues (XIoT). The corporate’s unified platform integrates with clients’ current infrastructure to offer a full vary of controls for visibility, threat and vulnerability administration, risk detection, and safe distant entry. Backed by the world’s largest funding corporations and industrial automation distributors, Claroty is deployed by lots of of organizations at 1000’s of web sites globally. The corporate is headquartered in New York Metropolis and has a presence in Europe, Asia-Pacific, and Latin America. To study extra, go to claroty.com.

Notify of
Inline Feedbacks
View all comments
Previous Post
Troutman Pepper Forms Incidents and Investigations Team

Codezero Raises $3.5M Seed Funding From Ballistic Ventures to Safe Multicloud Software Growth

Next Post
150K+ UAE Network Devices & Apps Exposed Online

150K+ UAE Community Gadgets & Apps Uncovered On-line

Related Posts