Healthcare News & Insights

How hospitals can keep wireless networks secure

As more work gets done on portable devices such as laptops, smartphones and tablets, hospitals are finding a new source of significant security vulnerabilities: the wireless network. 

cloud_computingWireless routers and other parts of those networks’ infrastructure are increasingly being exploited in security attacks. And many vulnerabilities are being discovered in those devices.

For instance, a security researcher in October discovered a serious vulnerability in several D-Link wireless routers that could give hackers the ability to view or change a device’s setting without knowing the administrator’s username and password.

The source of the vulnerability was a back door in the firmware — likely placed there to allow a device’s settings to be changed automatically without the password. However, an intruder with the right know-how can exploit the flaw and access the router’s web interface.

Unfortunately, this isn’t the first time a wireless router has been found to have a significant security vulnerability.

Earlier this year, security consultancy Independent Security Evaluators (ISE) released a report identifying thirteen wireless routers it says contain critical security vulnerabilities. The flaws could allow attackers to change the routers’ configuration settings or bypass security controls and gain access to computers on the network or intercept information as it travels on the network.

And in 2011, 13 different small and mid-sized businesses in the Seattle area were hit in a string of attacks that exploited lax security on wireless networks. The hackers used a technique known as “wardriving” — or, driving around in a car equipped with a Wi-Fi receiver that could reveal information about nearby wireless networks.

Keep firmware updated

What can IT teams be doing to protect hospital WiFi networks from those attacks? One key step is to keep the firmware on routers and other devices patched and up to date. Those devices should also be replaced as more secure technology becomes available.

Here are some other WiFi security recommendations from ISE:

  • Disable remote administration.
  • Disable network services that are not utilized within the LAN, such as File Transfer Protocol (FTP), Server Message Block (SMB) and Universal Plug and Play (UPnP).
  • Choose a non-standard IP address range to make automatic attacks more difficult.
  • Enable secure HTTPS for all administrator connections.
  • Use a secure administrator password that includes special characters and a combination of uppercase and lowercase letters.

Subscribe Today

Get the latest and greatest healthcare news and insights delivered to your inbox.