Botnets on the March: IOT Disruption and What It Means for Healthcare

In IoT by Liz SchererLeave a Comment

Botnets on the March: IOT Disruption and What It Means for Healthcare

I’ve been intrigued by the buzz around IOT, especially when it comes to the utility in the healthcare ecosystem. Just think of the possibilities: proactive monitoring of patients by clinicians, earlier hospital discharge, and of late, cognitive computing that not only promotes better clinical care but also optimizes research. And that’s just the clinical end of the spectrum; if you are interested the consumer applications, health economist Jane Sarasohn-Kahn, has spent the past few years at the forefront of this topic and I encourage a visit to her Health Populi site.) Heck, not only is the market segment projected to be worth a whopping $117B by 2020, but with companies like IBM, GM, Apple and Cisco forming partnerships, it’s a veritable harbinger for digital disruption.

But like every disruption, there are bound to be a few bumps along the way. And while I have long argued that security will always be an issue as healthcare bridges the digital divide, I never realized that disruption was prognostic for the current 21st Century plague – the botnet.

DDoS armies on the march

On October 1, Krebs issued a report that the source code for IOT malware – Mirai (the very same botnet responsible for Krebsonsecurity’s distributed denial of service attack DDoS)  — had been publicly released.  A month ago, the botnet virtually shut down the Krebs site but with wide distribution, Krebs writes, it is guaranteed “that the Internet will soon be flooded with attacks from many new botnets.” Particularly at risk are IOT systems with factory default or hard-coded usernames/passwords. Already, Mirai has been joined by “Bashlight’ a botnet that exploits the same vulnerabilities” but also spreads infections via default IOT device usernames and passwords. Level 3 security has been monitoring the spread of ‘bots since August and says that roughly 96% of the targets have been IOT devices.


Global Distribution of gafgyt Bots (Source: Level 3 Threat Research Labs)

There is a major distinction between previous and current attacks, however; while previous attacks leveraged or amplified attacks on unmanaged servers, the latest breach was based on real connections between the attacker and the target, taking the game into uncharted waters.

Houston: we’ve got a problem.

Culture is a term that is thrown around a lot when discussing digital disruption but anyone paying one iota of attention to the security vulnerabilities surrounding IOT knows that the cultural change needs to start with the very IOT framework; patches currently require resource expenditure by users themselves, leaving security protocols mostly in the dust. A great example provided by Akamai’s chief security officer, Andy Ellis, is how we currently ‘just press play’ to update iPhones or other Apple devices. Considering that Mirai public release is less than a week old, the full extent of the damage is yet to be realized. Still, healthcare’s slow as molasses ramp-up might serve its stakeholders well for a change.

So where does this leave the IOT in healthcare? When one considers the current ability (or, lack thereof) of legacy healthcare systems to cope with digitization demands and multiply that by the resource challenges inherent in forming cohesive, global legal and regulatory frameworks, there is a lot of work to be done before IOT is ready for the clinical stage. Ellis has argued that even after security gets ramped up, maintaining that security within the IOT ecosystem is going to be difficult at best. And, with the proliferation of healthcare devices offering multiple points of entry into healthcare systems, patches are simply not enough to meet safety and privacy concerns.

Let’s face it; healthcare’s expertise lies in medical care, not security. And while federal agencies (e.g. Homeland Security, FBI) have been involved in more recent system breaches (Anthem,, to name a few), similar collaborations with private industry have not been realized. We know for certain that tech is hard intent on moving into the healthcare market and the focus on clinical research or cognitive computing represents growth areas worth keeping an eye on. In the interim, one thing is certain:  While there is no shortage of ambition, trust, resource allocation and most importantly, security are complex economies that will take some time to scale.