Roger Baker, assistant secretary for information and technology at the Department of Veterans Affairs, informed the House Committee on Veterans’ Affairs Subcommittee on Oversight and Investigations that over the previous 14 months 120-plus medical devices have been infected by malware.
Baker described attacks from cyber villains as a “critical challenge” before the department as it looks to protect information, according to Information Week.
“The major challenge with securing medical devices is that, because their operation must be certified, the application of operating system patches and malware protection updates is tightly restricted,” Baker said. “This inherent vulnerability can increase the potential for cyber attacks on the VA trusted network by creating risk to patient safety.”
Baker highlighted the negative impact to the VA in terms of cost.
“These infections have the potential to greatly affect the world-class patient care that is expected by our customers,” Baker testified. “In addition to compromising data and the system, these incidents are also extremely costly to the VA in terms of time and money spent cleansing infected medical devices.”