Advanced persistent threats to computer systems are real and can be used against medical devices, warns Kevin Faulkner, senior product marking manger for enterprise security at anti-virus software vendor Trend Micro.

"Despite our best efforts, we're always playing a cat-and-mouse game with the bad guys," he told attendees of the federally sponsored Safeguarding Health Information conference in Washington.

It's not just a nuisance that a virus going around landed on your devices, but sabotage, Faulkner contends. And while a first step toward protection is use of anti-virus software, the companies that make the software recognize not only the limitations of their products, but also limitations by customers on how they use the products, he adds. "Users don't think they have active malware on their networks, but when we scan it's there 100 percent of the time. You clean the network, but not the MRI that holds the virus and re-spreads it."

Modern malware communicates to "control centers" all the time to spread a virus or upload data, Faulkner explains. Infected, corrupted or stolen data can be prevented if you catch the malware coming in or calling home, so regular full assessments of the network are critical.

Otherwise, a hospital's I.T. infrastructure is like a home with locked doors and windows and secured keys, but no intrusion detectors in the home.

--Joseph Goedert

 

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access