Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Hijacked medical devices can leave networks exposed

Tim Greene | June 17, 2015
Hacked medical devices can pose direct dangers to patients but also serve as lairs from which malware finds its way into medical facilities' networks and persists even after initial attacks have been cleaned up, according to a new report.

The FDA didn't do away with the regulations, it just stated that it won't enforce them, which means that from a network security standpoint, hospitals have more freedom to alter them in order to better secure them as network-attached devices. Even if those alterations adversely affect their functioning, the danger to patients is low, according to the FDA reasoning.

As part of its investigation, TrapX showed how it could compromise a particular blood-gas analyzer and use it to pivot to other devices on the target network. The NOVA Critical Care Express was the device, which used Windows 2000 as its operating system.

Enriquez says that he hasn't seen it in practice, but ransomware criminals targeting common operating systems could go after medical devices that use them, encrypting them and demanding payment for keys to unlock them.

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.