Medical Devices are Vulnerable to Hackers

Uploaded on 2015-08-10 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Health & Welfare

FDASecurityAdvisory-1024x681.pngThe U.S. FDA issued a Safety Communication regarding vulnerabilities in the Hospira LifeCare drug infusion pump.

In today’s hyper-connected world, hackers can remotely disable your car, play around with traffic lights, and change the target of a sniper rifle. Now we can add this to the list of terrifying hacks: the US government has found vulnerabilities in the infusion devices that hospitals use to administer intravenous drugs, which could enable hackers to change the dosage of critical medicines.
Two federal agencies are warning hospitals not to use the Symbiq drug infusion pump made by Hospira, due to “cybersecurity vulnerabilities.” A warning from the Food and Drug Administration (FDA) on Friday said that while this has not yet happened, an independent researcher confirmed that the pump can be accessed through a hospital’s network, enabling a hacker to change dosages and other settings.
The FDA asked hospitals to disconnect the devices, which are no longer being sold directly by Hospira but are widely available through third-party vendors. The US Department of Homeland Security issued a similar statement last month, and both agencies cautioned about vulnerabilities in other pumps made by Hospira earlier this year. The medical device maker promised to spend up to $350 million to phase out its Symbiq, GemStar, and Plum brand pumps, among others, over the next two to three years.

NextGov

 

 

« Smart Homes and the Data Underclass
Interpol is Training Police to Fight DarkNet Crime »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CCN-CERT

CCN-CERT

CCN-CERT is the Spanish national government computer security incident response centre.

LRQA

LRQA

LRQA is an award-winning global provider of cybersecurity services, bringing innovative thought leadership to the ever-evolving cybersecurity marketplace.

Lynxspring

Lynxspring

Lynxspring provides edge-to-enterprise solutions and IoT technology for intelligent buildings, energy management, equipment control and specialty machine-to-machine applications.

Nexus Group

Nexus Group

Nexus Group develops identity solutions for physical and digital access.

Standards Council of Canada (SCC)

Standards Council of Canada (SCC)

SCC leads and facilitates the development and use of national and international standards and accreditation services in Canada.

Kratikal

Kratikal

Kratikal provides a complete suite of manual and automated security testing services.

CyberSat Summit

CyberSat Summit

CyberSat is dedicated to fostering the necessary discussions to flesh out and develop solutions to cyber threats in the satellite industry.

Portshift

Portshift

Portshift leverages the power of Kubernetes and Service-Mesh to deliver a single source of truth for containers and cloud-native applications security.

Havoc Shield

Havoc Shield

Havoc Shield is an all-in-one information security platform that includes everything a growing team needs to secure their remote workforce.

The PenTesting Company

The PenTesting Company

The PenTesting Company is owned and operated by offensive security professionals. Penetration Testing is essentially all we do.

ClosingLock

ClosingLock

ClosingLock is the leading provider of wire fraud prevention software for the real estate industry.

Netsurit

Netsurit

Managed IT, Cloud, and Security Services. Netsurit is Your IT Innovation and Digital Transformation Accelerator.

Vigilant Ops

Vigilant Ops

Vigilant Ops is a leader in Software Bill of Materials (SBOM) Automation. A proactive approach to cybersecurity with continuous vulnerability monitoring.

Credo AI

Credo AI

Credo have pioneered a Responsible AI platform that enables context driven, comprehensive and continuous governance, oversight and accountability of AI.

InterSources

InterSources

InterSources is a trusted partner, leading the way in Cloud Security, Cybersecurity, PLG Consulting, Digital Transformation, and Professional Services.

RANE Network

RANE Network

RANE is a global risk intelligence company that provides critical insights and analysis to more efficiently anticipate, monitor, and respond to emerging threats.