The top 1% of the riskiest medical devices are used by a large majority of healthcare organizations, according to Claroty.
In its State of CPS Security: Healthcare Exposures 2025 report, published on March 26, Claroty found that vulnerable smart medical devices – also known as Internet-of-Medical-Things (IoMT) devices – are present in the systems of 89% of healthcare organizations.
These devices are exposed on the internet and carry vulnerabilities known to be exploited in active ransomware campaigns.
Additionally, the report showed that these vulnerable IoMT devices are connected to 20% of hospital information systems (HIS) and 8% of imaging systems (e.g. X-rays, CT scans, MRI, ultrasound).
Moreover, when considering all IoMT devices with known exploited vulnerabilities – not only those linked to ransomware campaigns and online exposure – the company has found that a staggering 99% of healthcare organizations have at least some of these vulnerable devices in their systems. These account for approximately 9% of the total IoMT devices in use.
No tags.
