What the Shift to 5G Will Mean for Healthcare Cybersecurity
5G has spent years on the horizon, its revolutionary potential in the industry waiting just beyond the reach of healthcare providers and consumers. But now the wait is (almost) over – and for some it is. Mobile 5G began to appear limited in major cities across the country in the second half of 2019. These restrictions will not last long; however, more overall distribution is expected to cross the nation this year.
The advent of 5G has the potential to expand the potential of the healthcare industry in ways we would never have imagined a decade ago – and to create entirely new risks to patient and provider safety.
Most press releases focus on the latter point and with good reason. 5G has an incredibly positive impact on the health sector as a whole – its own super fast mobile speeds will make communication instantaneous and connectivity a given. When 4G may be able to send data to and from 100,000 devices per square kilometer, hyper-fast 5G download speeds will enable data transmission for million devices at the same distance.
With new wireless technology, healthcare organizations can count on a faster and more reliable Internet connection for thousands of medical devices and objects anytime. It also offers the possibility to providers who have limited or no access to broadband internet – ie. isolated rural practices easily connect to the internet facilitated health services that those in urban areas can take for granted.
However, two areas will benefit more than 5G from the others: virtual reality and telemedicine. As physicians began to explore the use of VR and AR in comprehensive rehabilitation and telemedicine counseling, their efforts were significantly limited due to the limitations of the 4G LTE connections available. The latency or time between sending a data request to a device and receiving it is significantly higher – and thus more restrictive – with 4G. In contrast, latency with 5G is over ten times shorter than conventional speeds.
This shockingly low latency has great potential for advances in healthcare. As authors of a report on the potential of 5G in healthcare noted in cash from December 2019. Precision clinical medicine: “In the 5G era, with its innate high bandwidth and low latency advantage, VR is expected to help streamline the entire hospital, especially in telemedicine, teleconsultation and even remote surgery.”
These achievements are expected to have a significant impact not only on patient care but also on the digitally facilitated healthcare sectors. The Report on future market research for 2018 expects that the telemedicine industry will have a 16.5% annual growth rate from 2017 to 2023 due to the increased need for medical services in rural and underserved areas, which can only be achieved through 5G and IoT. ”
All this said is that these gains do not come without security flaws. Although 5G is generally accepted to be more secure than the 4G we use now, the technology still poses several notable risks.
In November 2019, a joint research initiative between security researchers at Purdue University and the University of Iowa revealed an incredible 11 significant vulnerabilities in the studied 5G networks. The study notes that these security vulnerabilities could allow bad participants to monitor and disrupt devices – or even trigger fake alarms.
These findings are worrying not only because of the risks they highlight, but also because they prove that the vulnerabilities that 5G was supposed to address are still a constant problem. Equally problematic is the ease with which these security holes can be abused. As a writer for TechCrunch noted in research article, the researchers “argued that all attacks could be used by an adversary with practical knowledge of 5G and 4G networks and cheap software-defined radio.”
All this said, cybersecurity in the 5G era deserves some optimism. Because next-generation wireless technologies are designed with networking in mind – ie. organizing several isolated virtual networks within a comprehensive physical infrastructure – it will be more difficult for bad participants to gain access to the wider system. Slicing also allows for better confidentiality, as information is not shared between isolated “slices” and for better adaptation, as organizations can implement different policies in different internal networks.
As a writer for Wall Street Journal explains the question, “With 5G, enterprise security centers can collect and analyze vast amounts of information gathered from sensors and other Internet of Things devices that are expected to spread over the next few years. This will make it easier for companies, for example, to spot suspicious activity, such as a hacker trying to access parts of the network that are not normally visited, or attempting to download an unusually large amount of data. “
Given both the potential of 5G for positive change and security vulnerabilities, then – what to do?
The obvious answer is to allocate more resources, people and technologies to improve cybersecurity planning in the healthcare space – especially given that recent research shows that such practices in the industry are weak.
One 2019 a study conducted by cybersecurity firm CynergisTek found that while almost a third of security executives believe that the security of medical devices is one of the five biggest risks facing healthcare today, most industry organizations do not have an effective strategy for assessing the cybersecurity risks that these devices hide. The full 26% of organizations, the researchers note, have no plan at all. Just over half of the respondents agreed that the reason for the insurmountable response to the cybersecurity challenges was due to the lack of necessary resources.
Healthcare organizations need to invest in TO; to develop a comprehensive, proven plan to address the cybersecurity risks posed by 5G before the bad players turn the worst-case scenarios into reality.
Like Tom Wheeler, the former chairman of the Federal Communications Commission, commented above Wall Street Journal article, “Wouldn’t it be great to have cybersecurity as a preconception and not as a follow-up thought?”
“We should not be blinded by the promise of what lies ahead.”
He has a point.
About Matthew Doyle
Matthew Doyle is the Chief Operating Officer and Head of Investor Relations at Chicago Pacific Founders, an investment adviser who manages private funds, focusing exclusively on health services. Doyle never avoided the less traveled path. With over three decades of experience in money management, financial services and corporate development, Matthew Doyle knows first-hand the value of keeping a meteorological eye on ever-changing market conditions and taking advantage of new opportunities as they arise. This long-standing career search for value and new opportunities has led him to explore almost every corner of the investment world.