As revealed in its recent report by Intertrust Technologies, approximately 71% of healthcare and medical applications contain at least one serious vulnerability that could cause infringement medical data, while 5% of its monitoring applications COVID-19 leaked data. The research tested 100 healthcare applications (Android and iOS) covering a wide range of services.
A vulnerability is classified as serious when it can be easily exploited and has the potential to cause significant damage or data loss.
Ο Bill Horne, General Manager of the Security Systems Product Team and Chief Technology Officer of Intertrust, told Toolbox that almost every application The healthcare provider examined does not have the appropriate tools to protect himself from attacks.
Data breaches cost healthcare providers an average of $ 7,13 million per breach. However, they do not make much effort for their safety.
According to her report Verizon Data Breach Investigations, the healthcare sector was affected by 798 attacks, of which 521 led to confirmed data breaches in 2020.
The risk is further enhanced if the applications do not have strong encryption. According to the Intertrust report, 91% of applications do not have strong encryption for their data, which increases the chances of information exposure, code manipulation, illegal execution of orders and IP theft.
In addition, 34% of Android applications and 28% of iOS, were vulnerable to the most common and serious cryptographic issues threats.
Data in 60% of Android applications is subject to insecure access control protocols and is open to intruders as it is stored in Shared Preferences API. In terms of applications mHealth, most issues were identified in e-commerce health applications - 90% contained four or more problems per application. Telemedicine / patient loyalty applications ranked second at 86,4%, followed by COVID detectors (84,6%) and medical device applications (81,2%).