Medical Devices are Vulnerable to Hackers

Uploaded on 2015-08-10 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Health & Welfare

FDASecurityAdvisory-1024x681.pngThe U.S. FDA issued a Safety Communication regarding vulnerabilities in the Hospira LifeCare drug infusion pump.

In today’s hyper-connected world, hackers can remotely disable your car, play around with traffic lights, and change the target of a sniper rifle. Now we can add this to the list of terrifying hacks: the US government has found vulnerabilities in the infusion devices that hospitals use to administer intravenous drugs, which could enable hackers to change the dosage of critical medicines.
Two federal agencies are warning hospitals not to use the Symbiq drug infusion pump made by Hospira, due to “cybersecurity vulnerabilities.” A warning from the Food and Drug Administration (FDA) on Friday said that while this has not yet happened, an independent researcher confirmed that the pump can be accessed through a hospital’s network, enabling a hacker to change dosages and other settings.
The FDA asked hospitals to disconnect the devices, which are no longer being sold directly by Hospira but are widely available through third-party vendors. The US Department of Homeland Security issued a similar statement last month, and both agencies cautioned about vulnerabilities in other pumps made by Hospira earlier this year. The medical device maker promised to spend up to $350 million to phase out its Symbiq, GemStar, and Plum brand pumps, among others, over the next two to three years.

NextGov

 

 

« Smart Homes and the Data Underclass
Interpol is Training Police to Fight DarkNet Crime »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

IEEE Computer Society

IEEE Computer Society

The IEEE Computer Society is the world's leading membership organization dedicated to computer science and technology.

itWatch

itWatch

itWatch is focused on data loss prevention (DLP), endpoint security, mobile security, encryption, and cost reducing solutions for IT operations.

Tevora

Tevora

Tevora is a specialized management consultancy focused on cyber security, risk, and compliance services.

Fortra

Fortra

Fortra (formerly HelpSystems) is your cybersecurity ally, unified through the mission of providing solutions to organizations' seemingly unsolvable cybersecurity problems.

Redstor

Redstor

Redstor's complete data management helps you discover, manage and control your data from a single control centre, unifying backup and recovery, disaster recovery, archiving and search and insight.

Com Laude

Com Laude

Com Laude is a domain name management company that provides strategic consulting to help companies strengthen digital brand, safeguard customers & protect brand IP.

Cypherix

Cypherix

Cypherix is tightly focused on cryptography and data security. We leverage our expertise to deliver state-of-the-art, world-class encryption software packages.

Ridge Global

Ridge Global

Ridge Global works with C-suite executives and corporate directors to build more resilient organizations through innovative preparedness, protection, response and education capabilities.

Data Storage Corp (DSC)

Data Storage Corp (DSC)

Data Storage Corporation is a provider of data recovery and business continuity services that help organizations protect their data, minimize downtime and recover and restore data.

01 Communique Laboratory

01 Communique Laboratory

01 Communique Laboratory is an innovation leader in the new realm of Post-Quantum Cyber Security.

Senserva

Senserva

Senserva delivers a deep analysis for security user accounts and applications within the Microsoft cloud environment.

Arqit Quantum

Arqit Quantum

Arqit's mission is to use transformational quantum encryption technology to keep safe the data of our governments, enterprises and citizens.

Tide Foundation

Tide Foundation

Tide's breakthrough multi-party-cryptography enables TRUE-zero-trust technology that unlocks cyber-herd immunity.

M.Tech

M.Tech

M.Tech is a leading cyber security and network performance solutions provider. We work with leading vendors to bring optimal solutions to the market through a channel of reseller partners.

Orca Technology

Orca Technology

Orca is a UK-based Managed Service Provider delivering end-to-end managed IT services, support, hosted desktop, cloud solutions and strategic guidance.

IndoSec

IndoSec

IndoSec is an annual cybersecurity summit that powers an in-person gathering of cybersecurity leaders from Indonesia’s major corporations, leading businesses and key government entities.