Skip to main content

Many healthcare apps have serious security flaws

healthcare
(Image credit: Image Credit: Photo_Concepts / iStock)

Ever since the start of the pandemic, healthcare organizations have suffered a barrage of cyberattacks designed to capitalize on the strain the industry has been placed under.

Both cybercriminals and nation-state actors have targeted the sector, with the goal of extorting healthcare firms for financial gain, but also stealing vital patient data relating to Covid-19 vaccine research.

In most cases, they sent out emails that contained malware or phishing links. However, a new report from application security firm Veracode suggests that many healthcare apps also have a range of bugs that could be exploited by hackers.

Analyzing 130,000 apps for the report, Veracode found that three quarters contain at least one flaw. Of that number, a quarter (26 percent) suffer from high-severity flaws that could allow for remote code execution or result in data theft or financial losses.

The company also said it believes the number and sophistication of the attacks is likely to increase. This is partly due to the fact that healthcare organizations hold an increasingly large amount of valuable patient data, as well as data related to the creation and distribution of the Covid-19 vaccine.

App developers are urged to regularly update their apps and patch up potential security holes and vulnerabilities. Some apps, a separate report from app assessment firm Orcha has shown, haven’t been updated for as long as two years.