New research shows exposed medical record systems and images increase the risk of unauthorized access, data breaches and operational disruptions
ANN ARBOR, Mich., Oct. 10, 2024 /PRNewswire/ — Today, Censys, the leading Internet Intelligence Platform for Threat Hunting and Attack Surface Management, published its findings on the 2024 Global State of Internet | Healthcare Assets Exposed on Public-Facing Networks. Censys identified over 14,000 distinct IP addresses exposing healthcare data and devices to the internet – with nearly 50% of hosts located in the United States. Considering healthcare and public health organizations are the top critical infrastructure sectors targeted by ransomware attacks, Censys identified exposures across some of the largest urban healthcare systems to smaller, rural environments.
Regardless of institutional size, this rise in ransomware incidents demonstrates the importance of protecting patient data from malicious threat actors – such as medical history, social security information, insurance information and more.
Censys’ comprehensive internet visibility and scanning capabilities enabled the research team to identify significant devices and record exposures across the globe, including:
- Medical Images: Digital Imaging and Communications in Medicine (DICOM)-enabled servers are the most commonly exposed healthcare technology. 36% percent of all Censys identified exposures are DICOM services. These are used for handling potentially sensitive medical images – such as X-rays, ultrasounds, computed technology (CT) scans, magnetic resonance imaging (MRIs), etc.
- Healthcare & Public Health Vendors: While many software vendors were represented across healthcare assets, one vendor accounted for over 90% of the 4,000 publicly available electronic medical record systems Censys observed. About 11% of the applications identified across all asset categories were open-source software.
- Countries & Regions: Due to population and widespread adoption of healthcare technology, the U.S. leads with the most publicly available applications, with nearly 7,000 currently online across different networks. Censys detected only 200 publicly available applications in the United Kingdom—possibly an indication of a more centralized healthcare infrastructure.
“In this age of increasing ransomware attacks, internet-connected healthcare applications should be safeguarded from the public internet – it’s clear that patient data continues to be a valuable target for malicious actors,” said Himaja Motheram, security researcher at Censys. “Our mission at Censys is to provide visibility into the potential security gaps that tend to go overlooked – these types of devices and systems are often developed without security in mind.”
To prevent data breaches and attacks, effective attack surface management is crucial for hospitals and organizations that handle medical data – but many lack the resources to analyze their exposed assets in an actionable way. Censys’ analysis is the first in-depth overview of its kind, providing a global view of the exposure of Internet of Healthcare Things (IoHT) on public-facing networks, through detailed breakdowns by device type, vendor, country and more.
By leveraging Censys’s monitoring capabilities, healthcare organizations can proactively identify and mitigate exposures and vulnerabilities before they lead to data breaches or ransomware attacks. For more information, the full research report can be found here: https://censys.com/state-of-internet-of-healthcare-things.
Censys’s mission is to make the internet a more secure place for everyone. This drives our commitment to responsible disclosure when identifying exposed systems – particularly those in the critical infrastructure sector. As part of this research, Censys made every effort to attribute each device or web asset to the appropriate organization(s) to notify the relevant stakeholders.
About Censys
Censys, Inc.™ is the leading Internet Intelligence Platform for Threat Hunting and Attack Surface Management. Founded in 2017 in Ann Arbor, Michigan, Censys provides organizations with the most comprehensive real-time view of Internet infrastructure. Customers like Google, Cisco, Microsoft, Samsung, Swiss Armed Forces, the U.S. Department of Homeland Security, Cybersecurity & Infrastructure Security Agency, and over 50% of the Fortune 500 rely on Censys for a real-time, contextualized view into their internet and cloud assets. At Censys, you can be yourself. We like it that way. Diversity fuels our mission, and we are committed to inclusion across race, gender, age and identity. To learn more, visit censys.com and follow Censys on Twitter, Mastodon and LinkedIn.
SOURCE Censys