The medical devices with outdated operating systems are used by healthcare organizations in Latin America, mainly due to high upgrade costs; this according to the Kaspersky global survey whose objective was to analyze the trends of cybersecurity in the transition to telehealth.
According to the report, seven out of ten (71%) Healthcare providers use medical devices with outdated security-based operating systems that provide operating system updates. This is due to the high price of updates (39%) or compatibility issues (14%) and lack of update information (21%).
As a result, they admitted that the following incidents have been experienced:
– 22% have suffered data leaks.
-12% had DDoS attacks.
-19% was a victim of ransomware.
It may interest you:
What happens in each country
Ssix out of ten (60%) Health care providers are currently using medical equipment with an outdated operating system.
Reasons for this include the cost of updates being too high (40%) or not having the knowledge on how to update them (40%). As a result, 20% of respondents in Peru admitted that their organization had already experienced incidents such as data leaks.
In terms of cybersecurity, no Peruvian medical worker (0%) indicated full confidence in the ability of their organization to solve this type of mishap.
Ci5 out of 10 (50%) use medical devices with outdated operating systems. This, as in Peru and the rest of the countries, is due to too high update costs (30%) or compatibility problems (10%) and lack of update information (10%).
The report indicates that when it comes to the security provided by operating system updates, The 100 % of healthcare providers use medical equipment with an outdated operating system.
The reasons include the cost of updates being too high, compatibility issues, and not having the knowledge on how to update with rates of 66.7%, 22%, and 22% respectively.
It may interest you:
SSeven out of ten (73.3%) they use medical equipment with an outdated operating system. The problems are the same mentioned in all cases with percentages of 26.7%, 20% and 20%.
How to minimize cyberattacks caused by outdated and unpatched systems
– Provide employees with basic cybersecurity training, as many attacks start with phishing or other social engineering techniques.
– Carry out a cybersecurity audit of the networks and solve the weaknesses found in the perimeter or within the network.
– Implement anti-APT solutions (Advanced Persistent Threat) and EDR (Endpoint Detection and Response) that enable timely threat detection and detection, incident investigation, and remediation. Providing the SOC (Security Operations Center) team with access to the latest threat information is important and needs to be regularly updated with professional training.
– In addition to EDR, special services can help protect against advanced attacks. Managed detection and response tools help detect and stop attacks in their early stages, before attackers reach their targets.
– Strengthen the systems already in use in medical devices that are updated infrequently.