Telehealth App Risk Profile

The threat profile of telehealth platforms

60% of PHI breaches comprising 88% of stolen records were related to hack/IT incidents in 2019.

If telehealth cybersecurity is not well implemented, there can be several negative consequences:

  • Theft of licenses and IP and jeopardizing economic security.
  • Violating patient privacy resulting in breaching HIPAA, which is punishable by law.
  • Damaging brand recognition.
  • Revenue loss due to fewer patient and provider engagements.
  • Millions of dollars in fines and lawsuits.

3 Popular Telehealth Mobile App Hack Risks

Reverse Engineering

Common attack methods:

  • Runtime memory inspection
  • Disassembly
  • Differential attacks
  • Reverse control flow
  • Interactive debugging

How can you be affected?

  • Steal IP and patient PHI
  • Gain sensitive and valuable information to be used for tampering
  • Disclose cryptographic assets
  • Divulge key server information which can be used for a large-scale server attack
Security Services hacker

Tampering

Common attack methods:

  • Data/code lifting
  • Control flow modification
  • Data/program file or binary replacement
  • Branch jamming

How can you be affected?

  • Modify app’s behavior
  • Replace or modify datafiles and executables
  • Steal patient data
Denuvo anti tamper

Exploitation

Common attack methods:

  • Automatic exploits
  • Dynamic library exploits
  • Redistributing the entire system and data decryption
  • Malware installation

How can you be affected?

  • Disclose PHIs
  • Decipher critical encrypted data
  • Steal patient identity
security services

Want to learn more? Let’s talk about how Irdeto can help you!

Contact us