Introduction
The increasing integration of Internet-of-Medical-Things (IoMT) devices into healthcare networks has introduced significant cybersecurity risks. A recent analysis highlights the prevalence of vulnerabilities within these devices, emphasizing the urgent need for healthcare organizations to prioritize security measures to protect patient safety and ensure operational continuity.
Description
The top 1% of the riskiest IoMT devices are utilized by 89% of healthcare organizations, which have these vulnerable devices integrated into their networks. An analysis of over 2.5 million IoMT devices and 647,000 operational technology (OT) devices across 351 healthcare organizations reveals that 9% of IoMT devices contain known exploitable vulnerabilities (KEVs) linked to active ransomware campaigns and insecure internet connections [1]. Alarmingly, 99% of healthcare organizations have at least one IoMT device with known exploited vulnerabilities [3] [4], which constitute approximately 9% of the total IoMT devices in use.
Vulnerable IoMT devices are connected to 20% of hospital information systems (HIS) that manage clinical and administrative data [3], affecting 58% of organizations [1] [5]. Imaging systems [1] [2] [3] [4] [5], including X-rays [1] [5], CT scans [1] [2] [4] [5], MRIs [1] [2] [3] [4] [5], and ultrasounds [2] [4] [5], represent the riskiest category, with 8% containing KEVs associated with ransomware [1] [5], impacting 85% of organizations [1] [5]. In contrast [3], the exposure of vulnerable operational technology devices is significantly lower [3], with only 0.3% of these devices found to be both internet-exposed and carrying known exploited vulnerabilities [3], totaling 1,763 devices [3].
The report highlights that insecure connections [2], default passwords [2], hard-coded credentials [2], and unencrypted data further exacerbate the risk of security incidents [2]. This situation underscores the urgent need for healthcare security leaders to adopt an exposure-centric approach to prioritize remediation efforts on the most critical vulnerabilities [1], ensuring patient safety and maintaining operational continuity [1]. Recommendations include assessing critical processes and devices [2], adhering to a cybersecurity framework that evaluates business impact and exploitability [2], and implementing necessary mitigations and patches, such as aligning with industry guidelines like the HHS HPH Cyber Performance Goals [3].
Conclusion
The findings underscore the critical need for healthcare organizations to address the vulnerabilities within IoMT devices. By adopting a proactive, exposure-centric approach [1] [3], healthcare leaders can effectively mitigate risks, safeguard patient data [1], and maintain the integrity of healthcare operations. Future efforts should focus on continuous assessment, adherence to cybersecurity frameworks [2], and timely implementation of security measures to adapt to the evolving threat landscape.
References
[1] https://itwire.com/guest-articles/guest-research/new-research-from-claroty%E2%80%99s-team82-highlights-riskiest-medical-device-exposures-in-healthcare-environments.html
[2] https://www.itpro.com/security/ransomware/ransomware-healthcare-vulnerabilities
[3] https://osintcorp.net/89-of-healthcare-organizations-use-the-most-vulnerable-iot-devices/
[4] https://www.infosecurity-magazine.com/news/healthcare-vulnerable-iot-devices/
[5] https://www.helpnetsecurity.com/2025/03/28/healthcare-devices-vulnerabilities/
