The use of mHealth apps is increasing, both on the consumer-facing side and the clinician-facing side. However, app security is still lacking. Arxan Technologies has released a report, "State of Mobile App Security," which finds most apps, both paid and free, have been hacked.
However, when looking at app security in certain industries, healthcare apps presented an interesting finding: Ninety percent of mHealth apps hosted on Android have been hacked, but none of the mHealth apps hosted on Apple have been hacked.
Additionally, 22 percent of hacked Android apps were approved by the U.S. Food and Drug Administration.
According to the study, FDA regulation does not fully cover mobile app security.
"The last guidance issued by the FDA was on Sept. 25, 2013. However, the guidance does not address key vulnerabilities related to reverse-engineering, repackaging, republishing and runtime attacks," reads the study. "Corporations should acknowledge that regulations are 'lagging hackers' and ensure that their apps are protected against binary attacks."
More articles on cybersecurity:
VA fails cybersecurity audit 16 years in a row
The role of contractors, hackers and regulators in cybersecurity
FDA issues cybersecurity guidance for medical device makers