BMT 342 Lecture 7: Security and Privacy in IoT/IoMT PDF
Document Details
Uploaded by CarefreeMilwaukee
King Saud University
Dr. Asma Abahussin
Tags
Summary
This lecture covers security and privacy concerns within the Internet of Medical Things (IoMT) and the Internet of Things (IoT). It discusses various types of cyberattacks like replay attacks and man-in-the-middle attacks, and suggests key measures like authentication, encryption, and patching for enhanced robustness. It also touches upon the potentially devastating consequences of cyberattacks in the healthcare industry.
Full Transcript
BMT 342 Security and Privacy in IoT/IoMT Lecture 7 Dr. Asma Abahussin Department of Biomedical Technology College of Applied Medical Sciences King Saud University 1 Objectives To learn and understand: ▪ Types of cyberattacks on IoT/IoMT devices. ▪ Key measur...
BMT 342 Security and Privacy in IoT/IoMT Lecture 7 Dr. Asma Abahussin Department of Biomedical Technology College of Applied Medical Sciences King Saud University 1 Objectives To learn and understand: ▪ Types of cyberattacks on IoT/IoMT devices. ▪ Key measures to ensure robust security and privacy in IoT/IoMT systems. ▪ Consequences of Cyberattacks on IoMT Systems. 2 Introduction ❖ It can be challenging to protect the data mined by IoT/IoMT devices and sensitive data is valuable to be attacked. ❖ IoT /IoMT devices must implement robust security and privacy measures to protect against cyberattacks and data breaches and to ensure that user data is collected and used ethically. 3 Attack Types ❖ Common types of cyberattacks on IoT/IoMT devices include: Replay Attacks: Attackers interrupt and capture wireless data transmitted by hardware devices and replay it to gain unauthorized access to data. Man-in-the-Middle Attacks: Attackers intercept and alter data transmitted between IoMT devices, potentially leading to mistreatment such as medicine overdosage or false results. 4 Attack Types (Cont.) Rogue Access Points: Attackers create fake access points within the wireless network range to intercept traffic without being detected, potentially gaining access to sensitive data. Denial of Service (DoS) Attacks: Attackers overload IoMT systems with service requests, disrupting their availability and making them unresponsive to legitimate users. 5 Attack Types (Cont.) Malware Attacks: Attackers inject Malware (Malicious Software), such as spyware, worms, trojans, viruses, and ransomware, into IoMT devices and systems, exploiting security vulnerabilities and causing significant damage. Tampering Devices: Attackers physically tamper with sensors to partially or entirely stop or manipulate their functionality. 6 Security and Privacy Measures ❖ Several key measures to ensure robust security and privacy in IoT/IoMT systems: Authentication and Access Control: Implementing robust authentication mechanisms, such as passwords, two-factor authentication, or biometrics, helps verify the identity of users and devices accessing the IoT ecosystem. Encrypting Data: Organizations should encrypt data stored and transmitted between IoT devices to protect it from unauthorized access. 7 Security and Privacy Measures (Cont.) Regularly Patching and Updating: organizations should regularly patch and update the software on their IoT devices to address any known vulnerabilities. This can help prevent cyberattacks that exploit known weaknesses in IoT devices. Enhance Network Security: The IoT relies on networks to transmit data. Protecting these networks with measures like firewalls and secure protocols such as Transport Layer Security (TLS). 8 Security and Privacy Measures (Cont.) Adhering to Regulatory Standards: Organizations should implement and adhere to regulatory standards such as the General Data Protection Regulation (GDPR) and the Health Insurance Portability and Accountability Act (HIPAA) to ensure that they are complying with legal requirements for data privacy and security. Security Incident Response Plan: Organizations should develop a comprehensive security incident response plan that outlines the steps to be taken after a security breach or incident. This plan should include incident detection, control, and recovery procedures to minimize the impact of security breaches. 9 Consequences of Cyberattacks on IoMT Systems ❖ Cyberattacks on IoMT Systems can have devastating consequences in the healthcare industry, such as: Poor patient outcomes caused by delays in tests and procedures Increase in patient transfers Increase in medical complications Longer stays at the hospital for patients Increase in mortality rate 10