Telehealth App Risk Profile
The threat profile of telehealth platforms
60% of PHI breaches comprising 88% of stolen records were related to hack/IT incidents in 2019.
If telehealth cybersecurity is not well implemented, there can be several negative consequences:
- Theft of licenses and IP and jeopardizing economic security
- Violating patient privacy resulting in breaching HIPAA, which is punishable by law
- Damaging brand recognition
- Revenue loss due to fewer patient and provider engagements
- Millions of dollars in fines and lawsuits
3 popular telehealth mobile app hack risks
Reverse Engineering
Common attack methods:- Runtime memory inspection
- Disassembly
- Differential attacks
- Reverse control flow
- Interactive debugging
How can you be affected?
- Steal IP and patient PHI
- Gain sensitive and valuable information to be used for tampering
- Disclose cryptographic assets
- Divulge key server information which can be used for a large-scale server attack
Tampering
Common attack methods:- Data/code lifting
- Control flow modification
- Data/program file or binary replacement
- Branch jamming
How can you be affected?
- Modify app’s behavior
- Replace or modify datafiles and executables
- Steal patient data
Exploitation
Common attack methods:- Automatic exploits
- Dynamic library exploits
- Redistributing the entire system and data decryption
- Malware installation
How can you be affected?
- Disclose PHIs
- Decipher critical encrypted data
- Steal patient identity
Connected Health Cybersecurity: Redefining device design with trustworthy security for patient safety
See what Irdeto’s Connected Health Cybersecurity can do for your business.
Contact us today
Secure device design is core to MDR and FDA Regulations
Subscribe to our Connected Health series to receive our latest blogs, infographics, datasheets and e-books!
Our partners
