We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

Medigate is Changing the Game for Connected Medical Devices

Ditsa Keren Technology Researcher

Medigate is an israeli startup company focused on securing the safe operation of connected medical devices. These mission critical devices are changing the face of modern hospitals as we know them, but are they really safe to use? In this fascinating interview, CEO Jonathan Langer reveals a long list of threats, and explains how they can be avoided with Madigate's security solutions.

Medigate was founded in 2017 by myself, the CEO and 2 of my co-founders. We all share a similar background in the IDF intelligence force, with advanced cyber security training. The rest of our team is composed of security researchers and developers with similar backgrounds. The company has been funded by YL ventures and Blumberg capital.

Essentially, Medigate is a cyber security company focused on connected medical devices. We identify medical devices in clinical environments as our sole focus. Medical devices are being increasingly attacked. Whether targeted or untargeted, we've seen a dramatic increase in incidents revolving around these devices. The Wannacry attack was a prime example of how healthcare can be disrupted by such attacks, whether its ransomware or health information theft, connected medical devices are very vulnerable assets.

How does Medigate work?

We created a device security platform that addresses the unique characteristics of connected medical devices, with 3 main features:

First and foremost, the process starts by obtaining superior clinical visibility into the hospital network. We are able to see all the connected devices in that environment. The big differentiator between us and other companies is we provide a highly granular account of what we see (the “fingerprinting” process) including make, model, OS, application version etc. We have around 15-20 technical attributes that we retrieve from the network, which can be utilized for risk assessment and asset management.

The second feature is a clinical anomaly detection engine, which focuses on the clinical behavior of the device itself. Different medical devices behave in different ways, each having its own very specific clinical patterns. Our system is designed to identify deviations from the pattern that may be indicative of a cyber attack

And last but not least is the prevention feature. We don’t just provide information, but we also take action through integration with partners and technical alliances. One example is the Palo Alto Network Firewall. Essentially when we detect a medical device is behaving irregularly, we leverage the existing infrastructure by taking action through their network.

What are the risks of having unprotected connected medical devices?

The risk is highly significant. One example is based on the WannaCry attack, in which numerous connected medical devices were locked and shut down. In such scenarios, the entire hospital may be disrupted, which is highly dangerous since we are talking about a mission critical environment like operation rooms, birth rooms etc.

We're also witnessing a rising issue in another area - the theft of medical information and identity theft.

Lastly the worst nightmare scenario is a modification of medical data, which could cause medical devices to administer the wrong dosage of medicine or perform the wrong operation. We haven’t seen this happen yet but it’s a risk we are well aware of.

Prevention of these scenarios can also be achieved by integrating with the Network Access Control (NAC), enforcing security policies and micro segmentation on the clinical network.

Are these connected medical devices worth the security risk?

I think that in this day and age, the absolute decision that hospitals are making is that it is worth it. Connectivity allows better care for patients, more accurate data, more efficient care, and at the end of the day that is the mission of hospitals. In parallel, there is more and more recognition of the security problem, and understanding that such devices cannot be operating without proper mitigation and protection.

How do you foresee the future of connected medical devices?

There are several other companies that secure connected devices, but most of them focus on generic IOT rather than medical devices. Having said that, there are other companies that do what we do, and that demonstrates the urgency of this issue.

As for the future, I'm optimistic. We're going to be seeing different stakeholders, be it the hospitals or the medical device manufacturers, investing more and more in clinical cyber security. I expect it to become a considerable investment in the next couple of years, which will contribute significantly to diminishing this problem once and for all.

We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

About the Author

Ditsa Keren is a cybersecurity expert with a keen interest in technology and digital privacy.

Did you like this article? Rate it!
I hated it! I don't really like it It was ok Pretty good! Loved it!
out of 10 - Voted by users
Thank you for your feedback

Please, comment on how to improve this article. Your feedback matters!

Leave a comment

Sorry, links are not allowed in this field!

Name should contain at least 3 letters

The field content should not exceed 80 letters

Sorry, links are not allowed in this field!

Please enter a valid email address