Cyber Attacks on Healthcare Devices Using Unmanned Aerial Vehicles

The growing use of wireless technology in healthcare systems and devices makes these systems particularly open to cyber-based attacks, including denial of service and information theft via sniffing (eaves-dropping) and phishing attacks. Evolving technology enables wireless healthcare systems to communicate over longer ranges, which opens them up to greater numbers of possible threats. Unmanned aerial vehicles (UAV) or drones present a new and evolving attack surface for compromising wireless healthcare systems. An enumeration of the types of wireless attacks capable via drones are presented, including two new types of cyber threats: a stepping stone attack and a cloud-enabled attack. A real UAV is developed to test and demonstrate the vulnerabilities of healthcare systems to this new threat vector. The UAV successfully attacked a simulated smart hospital environment and also a small collection of wearable healthcare sensors. Compromise of wearable or implanted medical devices can lead to increased morbidity and mortality.