Poster: Threat Intelligence & Modeling Practices for IoMT Devices using Wi-Fi Communications
Abstract
The integration of internet connectivity into medical devices, known as the Internet of Medical Things (IoMT), is revolutionizing modern healthcare through remote monitoring and advanced diagnostics. Among these devices, the Continuous Positive Airway Pressure (CPAP) machine plays a critical role in managing patients with Sleep Apnea. However, the security of CPAP devices presents significant concerns due to potential vulnerabilities that could lead to critical failures, such as device shutdowns. An analysis was made of the device's connectivity interface, to identify potential exploit points and vulnerabilities. Additionally, we evaluated whether existing threat modeling frameworks - namely the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK)- sufficiently address the threats faced by IoMT devices and propose potential extensions where needed. Our goal is to enhance the security of CPAP machines by highlighting potential threats and advocating for improved security measures by manufacturers.
