I am not one to mention abut my personal lifestyle on my
blogs, but today, I want to share with you something. Ever since the beginning of this year, I was
diagnosed with acute congestive heart failure.
It got so bad one time that I was in the hospital for a week as the doctors
and nurses tried to drain out the fluid build up in my lungs.
I am doing OK now, but now I have been told that 65% of my
heart is actually dead, and only 35% of it is actually working.
This simply means I do not know how much longer I have. But I am trying to live each day to the fullest
that I can. The reason why I bring this
up is that if things don’t improve much, my cardiologist is seriously thinking
of implanting a pacemaker in me.
I am not afraid of that per se, but it is considered now to
be an IoT device….and of course, that brings up some huge Cyber risks.
But it is not just that, just about all sorts of implanted
medical devices, and even wearables that keep track of your health and daily
movements are now posing a huge Cyber risk for the people that use them. Consider some of these stats:
*On a global basis, there have been well over one million
who have been at grave risk from having their devices tampered with, even
endangering their own lives.
*This market is going to be a prime target for Cyberattackers
– as it will have a market value of over $265 billion by 2026.
But keep in mind that there are two distinctions to be made
here – the implanted medical devices, and the normal technological wearables that
people use. In terms of the former, the
Federal Government is already taking aggressive steps to protect people.
For example, the FDA has been making announcements that it
plans to implement much more stringent guidelines for the implementation of
security in these devices, which to me is great news.
Then there is the latter – those devices that let you know
how many steps you are taking, your heartbeat, oxygen rate, etc. Here are the Cyber risks that are posed to
them:
1)
It is made of the latest and greatest:
Those wearables that I have just mentioned
come with the best technology available.
Meaning, they can track more information about you than you realize. While you might think it is just collecting the
basic info about you, more than likely it is getting a lot more than that. Unfortunately, the vendors that make these
devices don’t reveal what is being collected per se. The best bet to protect yourself in this
situation is to try to find the privacy settings, and try to restrict the stuff
that is being collected from there. Also
keep in mind that wearables are very small devices, and they can be lost or
stolen even easier than your smartphone.
For that matter, the vendors in this regard have been proactive. They have implemented the use of MFA, in which
you have to present at least three or more authentication details about
yourself before you can use it. If your device offers the use of Biometrics
(such as Facial Recognition or Fingerprint Recognition), use it. That is much more secure than using a password
or PIN number.
2)
Make sure encryption is being used:
Encryption is simply a fancy term
for the scrambling of data so that it remains in a garbled, and meaningless
state until it is descrambled. But in
order to do this, the person needs to have a private key to unlock it. This is a strong safety mechanism which ensures
that if your health data does fall into the wrong hands, the chances are
greatly minimized that nothing bad will happen to it (like being sold on the Dark
Web, being given out to the public, etc.).
So the bottom line here is that the next time you go shopping for a
wearable device, make sure that not only it has MFA on it, but that the data which
it will store about you will also remain encrypted as well.
3)
Use the remote wipe:
Along with the above security features
that you need to be sure about, also make sure that the wearable device you are
thinking of buying also comes with what is known as a “Remote Wipe” feature.
This is where you can actually delete your private data in case you lose your device. For example, if you are out jogging
somewhere, and your wrist device accidentally falls out, through your
smartphone or even any other wireless device, you can issue a command that will
automatically delete the data that resides in it. But keep in mind that this is
only a temporary solution. Stored information
is really never truly deleted, and if the Cyberattacker is smart enough, they
will find a way to access it.
My Thoughts On This:
As mentioned earlier in this blog, wearable devices are part
of the IoT ecosystem. Meaning, as they
get more advanced in terms of technology, they will become that much interconnected
to other things, in both the physical and virtual worlds. In fact it is even predicted that there will
be well over 29 billion of them by the year 2023. (SOURCE: https://www.statista.com/statistics/1183457/iot-connected-devices-worldwide/)
So this means that the effort you have to take to protect yourself
is only increasing significantly.
Obviously, you can start with the steps outlined here, or better yet, the
best protection is just don’t even use them.
When you go outside for that walk or jog, just simply enjoy the nature
and beauty of the outdoors.
That is what I do, and in the medical I am in, it works
wonders.
No comments:
Post a Comment