House Energy and Commerce Committee Holds Hearing on Cybersecurity of Connected Devices

On Wednesday, the House Energy & Commerce Subcommittees on Communications & Technology and Commerce, Manufacturing, and Trade (CMT) held a joint hearing entitled “Understanding the Role of Connected Devices in Recent Cyber Attacks.” The hearing focused on the security of the “Internet of Things,” and efforts to combat malicious actors that target vulnerabilities in an increasingly connected world, which is a significant issue for medical devices, hospitals, and other care settings. Much of the discussion surrounded the threats of ransomware and hacking of implanted medical devices, and how medical and non-medical connected devices could provide an entryway into hospital networks.  Witnesses brought up examples of how some hospitals still use machines that run on Windows 95, 98 and XP, leaving them incredibly vulnerable and susceptible to attacks.

While they did paint a grim picture of the current state of cyber capabilities, the witnesses offered a number of recommendations to help combat this growing threat, including minimum security standards for manufacturers and embedded cybersecurity, robust cybersecurity education and workforce development, providing greater incentives for built-in, basic cybersecurity hygiene, and a more robust regulatory environment.