When it comes to healthcare organizations, efficiency and accuracy are key to delivering patient-centered care. Technological advancements such as the internet of things (IoT) have made these goals and more within arm’s reach for many healthcare facilities. Such devices have many benefits, including enabling real-time patient data crucial for remote patient monitoring and bolstering patient safety and infection control.
Today, IoT devices are heavily integrated into healthcare environments to lower costs, boost operational efficiency, and significantly improve patient care levels. Because IoT devices are everywhere, it has become an attractive target to cybercriminals who are looking to steal data to sell on dark web marketplaces.
In this article, we take a look at what IoT in healthcare is and discuss the common threats and risks that target these devices. We also provide security recommendations that healthcare organizations and professionals can use to keep their internet of medical things (IoMT) devices secure.
What is IoMT?
Like IoT, the internet of medical things (IoMT) refers to devices that are connected over a network and can communicate autonomously. In IoMT’s case, the devices are used in the healthcare setting, allowing healthcare professionals to gain better visibility into patients’ health status for improved diagnosis and treatment.
In the hospital setting, IoMT can include smart devices such as lab devices, IV pumps, monitoring devices, smart beds, surgical tables, and hospital inventory management systems.
Common IoMT threats and risks
According to cybersecurity firm Forescout, healthcare IoT devices are among the most targeted devices in 2025.
In this section, we take a look at the most common cybersecurity threats and risks affecting IoMT devices.
Vulnerabilities
Vulnerabilities are software bugs that, when exploited, can give cybercriminals access to healthcare settings. Attackers can exploit outdated firmware, weak authentication protocols, or unsecured communication channels to gain unauthorized access into healthcare environments, significantly impacting how operations are carried out and affecting patient care outcomes.
Because IoMT devices are connected to other systems and devices over a network, a single compromised device can potentially jeopardize the entire network, amplifying the impact of an initial breach.
Unfortunately, IoMT vulnerabilities are widespread. A 2022 report indicates that 53% of IoMT devices possess at least one unpatched critical vulnerability, making them susceptible to potential exploitation by threat actors. Meanwhile, a 2023 article states that 39% of nurse call systems have unpatched critical vulnerabilities.
Threat actors typically exploit vulnerabilities to launch more insidious cyberattacks, such as ransomware, on victim organizations. Ransomware attacks can negatively affect hospital operations, disrupt the delivery of care, and even cause patient deaths.
Last year, a UK-based patient died during a ransomware attack on NHS blood services at London hospitals and GP surgeries. Because of disrupted hospital operations, the patient wasn’t able to get urgent assistance, which directly contributed to the patient’s death.
Data breaches
Data breaches occur when threat actors steal sensitive patient information by compromising vulnerable networks for illicit financial gain. Successful data breaches can result in financial damage, regulatory penalties, and reputational harm.
Threat actors are stealing sensitive patient information to persuade healthcare facilities to pay a set ransom amount. In 2021, threat actors published patient information stolen from the Leon Medical Centers and Nocona General Hospital, two US-based hospital chains. The personal information of patients, such as their names, addresses, and birthdays, as well as their medical information, was published.
Botnet malware
When threat actors gain control over IoMT devices, they can create botnets, which they can use to launch distributed denial of service (DDoS) attacks that can severely disrupt healthcare organizations’ online systems and infrastructures. When this happens, the safety of patient data and the continuous operation of life-saving and life-sustaining devices can be severely compromised.
Security recommendations
As healthcare companies increasingly rely on IoMT devices, understanding and addressing their weaknesses is key to keeping their systems safe and maintaining patient safety and privacy.
Healthcare organizations can keep their environments and systems secure by adopting the following security recommendations:
· Use strong passwords for all accounts
· Enforce multi-factor authentication (MFA)
· Regularly check for patches and vulnerabilities
· Create and maintain an IoMT inventory
· Train employees on the importance of maintaining a strong cybersecurity posture
· Apply network segmentation
· Use strong cybersecurity solutions with multilayered protection
