The cyber-security firm stopping hackers from attacking Australian hospitals

Global terrorism has evolved beyond soldiers and weapons, with many terrorist organisations using their internet as their tool for harm.

The new wave of cyber terrorism is perhaps its most insidious, attacking medical devices and shutting down hospitals.

Which is why Israeli startup Bio-Nexus launched its Cyber-Nexus arm, the only company in the world creating hardware and software security solutions to prevent hackers from infiltrating the medical industry.

Cyber-Nexus has branches in Israel, the USA, Europe and Singapore, as well as Australia.

Currently used in local companies and institutions like Visy Group and Swinburne University, the solution is also part of a pilot program with Victorian hospitals.

It is technology that is proving vital in the modern world, where any device that is connected to the internet is open to being hacked.

The real threat of cyber attacks on hospitals

Until recently, hospitals were completely vulnerable to hackers.

Medical devices feed into the hospital networks, which allows intruders a backdoor to access sensitive data or shut down systems entirely to extort money. This is not hypothetical either, with the healthcare industry ranked in the top three of most cyber-attacked sectors in the world.

In May 2017, the global Wannacry malware attack hit hospitals in the UK. These medical devices were shut down and held to ransom, causing an enormous threat of harm.

Bio-Nexus director Ron Hoffman said these attacks were bad, but the potential for fatalities was even worse.

“[There was] nothing to prevent hackers with more sinister motives to use these medical devices to actually cause mass casualties,” he said.

“They can take over entire hospitals or entire wards in hospitals. They can change infusion pump setting levels or radiation in imaging devices so that anyone using the hospital is adversely affected.

“This is not us trying to spook anyone, this is actually happening.”

How the systems work

The Cyber-Nexus defence is two-tiered, with a physical box saddled to the medical devices and a software manager to protect the network. The box detects malicious behaviour, blocks it, and reports it. The software manages all of these devices and handles all the rules and policies for them.

Because nothing is actually installed into the medical devices, it means there is no breach of FDA Approval (or Therapeutic Goods Administration Certification in Australia).

“Medical information is the holy grail for cyber criminals,” Mr Hoffman said. “[Hackers] are a growing problem and the stakes are high. We are the first in the world [to combat this], but we’re probably not going to be the only ones for long.”

The next step for this technology

The Internet of Things—where everyday devices are infinitely connected—is set to expand exponentially in the coming years.

Information and analysis group IHS has projected that the 15.4 billion devices in 2015 will grow to 30.7 billion devices in 2020, and 75.4 billion in 2025.

That is where this technology will expand to, with Mr Hoffman saying work was already underway to protect devices that were previously not connected to the internet.

“While Cyber-Nexus is initially in the medical device space, in essence it is a security measure for any Internet of Things (IoT) systems or devices,” he said.

That means the device can be expanded to include CCTV networks, advanced manufacturing like networked robots, robotic arms and other IoT devices.

These medical security measures have already been deployed across the globe in Melbourne, New York and Tel Aviv, with plans to implement these solutions in other countries as well. It is a system that could prove vital as the rising number of connected devices worldwide attracts cybercriminals looking for a way to get in.

For more articles like this, subscribe to the Security Newsletter