Attributed to Sundar Balasubramanian, Managing Director for India and South Asia at Check Point Software Technologies
New Delhi, March 15, 2025: In modern healthcare, the adoption of Internet of Medical Things (IoMT) devices has transformed patient care. However, this innovation also brings critical cyber security challenges that must be addressed. An example of such a threat has been highlighted by the US Cybersecurity and Infrastructure Security Agency (CISA), which warns that Contec CMS8000 devices, widely used for patient monitoring, contain a backdoor that sends patient data to a remote IP address and could download and execute files on the device.
India, in particular, has become a prime target, experiencing an average of 3,284 attacks per week, nearly double the global average (1,843) according to Check Point’s Threat Intelligence Report. In fact, the Indian healthcare sector was the most impacted by cyberattacks, with 8,614 weekly attacks per organization. This alarming trend highlights the increased attack surface due to the rapid adoption of technologies such as electronic health records (EHRs), telemedicine, and Internet of Things (IoT) devices.
A stark example is the ransomware attack on Delhi AIIMS in November 2022, which disrupted operations and exposed critical vulnerabilities in the sector. More recently, in October 2024, Star Health Insurance, one of India’s leading health insurers, suffered a major data breach, potentially compromising the personal information of 31 million customers. Reports indicate the stolen data has been listed for sale online, underscoring the urgent need for stronger cybersecurity in healthcare.
Technical details aside, human safety is always paramount. Addressing this type of vulnerability ensures that clinicians make care decisions on accurate data, thereby ensuring patients get proper care. As noted by CISA, “…a malfunctioning monitor could lead to improper responses to vital signs displayed by the device“.
This article explores how Check Point’s IoT Protect solution can help hospitals defend against such threats, leveraging insights from the 2025 Check Point State of Cyber Security Report and addressing the broader issue of IoMT security.
The Threat: Contec CMS8000 Backdoor
The Contec CMS8000 patient monitoring devices have been found to include a backdoor that poses severe risks to patient data security and device integrity. This backdoor allows unauthorized access to patient data, sending it to a remote IP address, and enables the download and execution of files on the device. Such vulnerabilities can lead to data breaches, unauthorized data manipulation, and potential disruptions in patient care.
How Check Point IoT Protect Can Help
Check Point’s IoT Protect solution offers a comprehensive approach to securing IoT devices within healthcare environments. Here’s how it can specifically address the threat posed by the Contec CMS8000 backdoor:
- Firmware risk assessment: IoT Protect offers Firmware Scanner that scans the device’s firmware, discovering security vulnerabilities and backdoors such as suspicious domains and IP addresses listed in the program, secrets that are exposed in the device, and provide you a comprehensive analysis of potential risks from the device. Use this service to validate your supply chain before adding products to your environment.
- Autonomous device discovery and risk analysis: IoT Protect autonomously identifies and maps all IoT devices connected to the network, including patient monitoring devices like the Contec CMS8000. This visibility is crucial for detecting unauthorized devices and assessing their risk profiles.
- Zero Trust segmentation: By enforcing Zero Trust policies, IoT Protect prevents unauthorized access to and from IoT devices. This segmentation ensures that even if a device is compromised, the threat cannot spread laterally across the network.
- Real-time threat intelligence and virtual patching: IoT Protect leverages real-time threat intelligence to block known and zero-day attacks. The solution’s virtual patching capabilities shield devices from known vulnerabilities without the need for physical updates, which is essential for devices like the Contec CMS8000 that may have embedded backdoors.
- IoT Protect nano agent for manufacturers: Check Point offers manufacturers to embed nano agent inside their devices, with active device-level protection against the most sophisticated cyber attacks. Nano agent helps to comply with FDA requirements for connected medical devices.
Healthcare Threat Landscape: Insights from the 2025 Check Point State of Cyber Security Report
The 2025 Check Point State of Cyber Security Report highlights the increasing cyber threats faced by the healthcare sector. In 2024, healthcare became the second most targeted industry, with a 47% increase in attacks year-over-year. The report underscores the need for robust cyber security measures to protect sensitive patient data and ensure the integrity of medical devices.
Key findings from the report include:
- Ransomware Evolution: Data exfiltration and extortion have overtaken encryption-based attacks as the primary ransomware tactics, simplifying operations and maximizing payouts.
- Supply Chain: Technology supply chain attacks have increased significantly. Hardware & semiconductors increased by 179% and software by 109%, raising the risk that IoMT devices could have vulnerabilities introduced by their supply chain.
The Broader Issue of IoMT Security
The Internet of Medical Things (IoMT) encompasses a wide range of connected medical devices that improve patient care but also introduce significant cybersecurity challenges. As highlighted in the Check Point blog, IoMT devices often lack built-in security features, making them vulnerable to cyber attacks. Ensuring the security of these devices is critical, as breaches can lead to data theft, compromised patient safety, and operational disruptions.
To address these challenges, healthcare organizations must adopt a multi-layered security approach that includes:
- Comprehensive device visibility: Continuously monitoring and mapping all connected devices to identify potential vulnerabilities.
- Zero Trust security models: Implementing strict access controls to prevent unauthorized access and lateral movement within the network.
- Proactive threat intelligence: Leveraging real-time threat intelligence to stay ahead of emerging threats and apply virtual patches as needed.
Conclusion
The integration of IoMT devices in healthcare offers numerous benefits but also introduces significant cyber security risks. The Contec CMS8000 backdoor threat exemplifies the vulnerabilities that can compromise patient data and device integrity. Check Point’s IoT Protect solution provides a robust defense against such threats, ensuring the security and reliability of healthcare IoT devices. By adopting comprehensive cybersecurity measures, healthcare organizations can protect patient data, maintain operational integrity, and deliver safe, high-quality care.
For more information on how Check Point Quantum IoT Protect can secure your healthcare facility, contact Check Point for a demo today.
Corporate Comm India (CCI Newswire)
