By Osama Alzoubi, Middle East & Africa Vice President Phosphorus Cybersecurity
Hospitals across the Middle East are grappling with a growing and alarming issue: as they increasingly adopt connected medical devices, known as the Internet of Medical Things (IoMT), they are becoming prime targets for cyberattacks. Shockingly, over 72% of hospitals in the region are lagging behind on basic security measures, turning what was once a theoretical risk into a looming threat.
Connected medical devices, like heart monitors and insulin pumps, have revolutionized patient care by enabling real-time monitoring and faster diagnoses. And it’s not just connected medical devices, hospitals are utilizing other connected devices like – IP cameras, building control systems, and laser printers – as an important part of patient care. However, this rapid integration of IoMT and IoT devices have also exposed healthcare systems to new vulnerabilities. As cybercriminals focus their efforts on healthcare, providers are finding themselves on the frontlines of a digital battle.
This article explores why healthcare systems are so attractive to cybercriminals, the challenges of securing IoMT devices, and the crucial steps needed to safeguard patient care.
Critical data at risk
Cybercriminals are no longer just interested in financial data. Today, medical information is one of the most valuable commodities on the black market, fetching up to ten times the price of financial records. Hospitals hold a wealth of personal, health, and financial data, making them prime targets for hackers seeking to steal or ransom sensitive information.
Beyond the value of the data, healthcare institutions are particularly vulnerable because they simply cannot afford downtime. A ransomware attack that disrupts a hospital’s operations can delay surgeries, interrupt patient care, and in extreme cases, put lives at risk. This urgency is unique to healthcare; even a brief disruption can have life-threatening consequences.
Recent incidents
The year 2023 has emerged as a particularly challenging one for healthcare cybersecurity, marked by a sharp increase in both the frequency and severity of attacks. Around 550 breaches were recorded, affecting the protected health information (PHI) of 108 million individuals—an unprecedented figure. The only comparable incident was a 2015 hack that compromised 80 million records from a single healthcare insurer. However, without that event, no other year approaches the sheer scale of breaches seen in 2023. This represents a staggering 2.5-fold increase compared to the number of individuals impacted in 2022 and 2021, and almost four times the number in 2020.
The most troubling aspect is the rise in ransomware attacks targeting healthcare, which have surged by nearly 300% in recent years. These attacks have had tangible impacts, from ambulance diversions to cancelled surgeries, delays in accessing medical records, and even the postponement of critical treatments like cancer care. Such disruptions clearly illustrate that these are not merely financially motivated crimes but rather life-threatening incidents that put patient safety at risk.
IoMT – The new digital frontline
IoMT devices are essentially medical equipment connected to a network, allowing for data sharing and real-time monitoring, such as heart rate monitors, insulin pumps, and infusion systems. Unfortunately, these devices introduce significant security risks, especially since many of them were not designed with robust cybersecurity in mind.
Outdated firmware and poor network segmentation
A common issue with IoMT devices is outdated firmware—the software that controls how a device functions. If this firmware isn’t regularly updated, it can contain security vulnerabilities that are easy for cybercriminals to exploit. Hospitals often delay these updates to avoid disrupting patient care, but this leaves the devices exposed to potential attacks.
Another critical issue is network segmentation. Without proper segmentation, a hospital’s network is like one big open space. Once hackers breach one connected device, they can move freely within the system, potentially accessing critical areas like patient records or life-support systems. Proper segmentation, which involves dividing the network into secure sections, can limit the damage if one part of the system is compromised.
The scope of the problem
The use of IoMT devices in hospitals across the Middle East has grown, driven by the push for more advanced, connected healthcare. Unfortunately, cybersecurity measures have not kept pace. Many healthcare providers struggle to balance the need for new technology with the need to protect their networks from emerging threats. As the number of IoMT devices continues to rise, so does the risk of cyberattacks.
Why traditional security is not enough
The sophistication of cyberattacks has outpaced traditional security measures. Manual oversight and outdated antivirus software simply can’t keep up with the speed and complexity of modern threats. Healthcare providers need to move beyond these conventional methods and adopt automated, AI-powered security solutions.
AI-powered platforms: The future of cybersecurity
One of the most promising solutions for securing healthcare networks is AI-driven xIoT security management platforms. These platforms continuously monitor IoMT devices, assessing risks and identifying vulnerabilities in real-time. Instead of reacting after a breach, they prevent attacks by proactively scanning for weaknesses.
The key advantage of AI platforms is their ability to learn from new threats and adapt accordingly. They can detect unusual behavior, like unauthorized access or unexpected data transfers, and take action before an attack escalates. Additionally, these systems can automatically update device firmware and configurations, protecting even legacy systems from the latest threats.
For healthcare providers in the Middle East, these AI-powered solutions provide a scalable and immediate way to close security gaps.
3 steps to improve cyber resilience
The first step is to strengthen basic cybersecurity measures. Before jumping into advanced solutions, healthcare institutions need to address basic cybersecurity needs. Here are some essential steps:
- Multi-Factor Authentication (MFA): Ensuring that only authorized personnel can access sensitive systems by requiring a second form of verification, such as a code sent to a mobile device.
- Network Segmentation: Dividing the network into smaller, secure sections to prevent hackers from moving freely within the system.
- Regular Patching: Ensuring that all devices, especially IoMT equipment, receive regular updates with the latest security patches.
- Credential Management: Don’t deploy IoT and IoMT devices with default credentials. Automatically and periodically rotate credentials to keep them in compliance with company policy.
For long-term protection, the next step for healthcare providers is to invest in a unified security management platform that discovers, remediates and manages xIoT devices. These systems provide automated, real-time protection, continuously monitoring network activity and enforcing secure configurations.
The last step addresses one of the leading causes of cybersecurity breaches – human error. Simple mistakes—like falling for phishing emails or using weak passwords—can open the door to hackers. Regular training can help staff recognize and avoid these risks, making a well-informed team the first line of defense.
Collaboration is key
Healthcare providers can’t tackle these challenges alone. Governments and regulators need to enforce stricter cybersecurity standards. While national frameworks have been introduced in countries like the UAE and Saudi Arabia, more work is needed to ensure consistent implementation across the healthcare sector.
Collaboration between governments, healthcare providers, and private tech companies is essential. Incentives like tax breaks or subsidies could encourage hospitals to adopt the latest security technologies. Additionally, regulations, such as Saudi Arabia’s new Personal Data Protection Law (PDPL) and UAE’s Health Data Law, protect patient data in the region.
A regional approach
Given how interconnected healthcare systems are across the Middle East, a regional approach to cybersecurity is essential. A Middle Eastern Healthcare Cybersecurity Summit could help standardize protocols, share expertise, and build collective defenses against cyber threats. Collaboration will be key to ensuring that healthcare networks across the region are adequately protected.
The rapid adoption of IoMT devices has brought significant improvements in patient care, but it has also opened the door to considerable risks. Cybersecurity is no longer a background issue—it is a pressing challenge for healthcare providers across the Middle East. By investing in a unified xIoT security management solution, enforcing strong regulatory frameworks, and fostering collaboration between governments and healthcare providers, the region can protect its most valuable assets: its patients.
About the Author:
Osama Alzoubi, Middle East & Africa Vice President Phosphorus Cybersecurity Osama Alzoubi is a seasoned business and technology leader with over 25 years of ICT and business experience. His expertise spans business and technology; he is known for his in-depth expertise in cybersecurity, AI, IOT, DC, SW, and infrastructure, and he holds a patent in the field. Osama held multiple key roles globally, and in the region, the last of which as a CTO for Cisco in Middle East and Africa; he led the Engineering and Digital Transformation teams across the region, while driving the digitization initiatives, innovation, and growth across private and public sector in Saudi, Middle East, and Africa. Osama is the author of “The Digital Disruption” Book available on Amazon in both English and Arabic; he also has multiple publications in Harvard Business Review Arabia (hbrarabic.com), in Arabic.
Beyond his professional achievements, Osama is passionate about business and talent development, fostering growth in individuals and organizations. He also enjoys volleyball and is an avid reader. His strategic insights and commitment to innovation continue to inspire and empower individuals, solidifying his legacy as a visionary leader in the business and technology landscape.
Osama has a Bachelor of Science degree in Computer Engineering from the University of
Illinois at Chicago (UIC), and a Master of Science in Computer Science from the Illinois Institute of Technology (IIT), in Chicago, Illinois USA.
About Phosphorus
Today, most enterprises have far more embedded computing devices than people, presenting a massive, unprotected and often undetected cyber-attack surface. IoT is the softest target on the enterprise network with a seven-year half-life for vulnerability patching and infrequent credential rotation. Phosphorus is securing the IoT by fully automating the remediation of the two biggest vulnerabilities—out-of-date firmware and default credentials. The U.S.-based team has a proven track record of cybersecurity software innovation. For more information on Phosphorus, visit https://www.phosphorus.io/
