Medical Devices Vulnerable to Hackers

Uploaded on 2015-10-06 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Health & Welfare

Thousands of critical medical systems, such as MRI machines, are available for hackers to access online, according to researchers. Some 68,000 medical systems from a large unnamed US health group have been exposed. 

Security researchers Scott Erven and Mark Collao presented their findings at hacker conference Derbycon. They also revealed that they had created fake medical devices, which attracted thousands of hackers. Interfaces connected to medical systems were available via search engine Shodan, the researchers told conference-goers.

The researchers used Shodan - a search engine specifically for Internet-connected devices - to look for exposed software from a range of health treatment providers, such as radiology and pediatric clinics, as well as one large healthcare organisation. They told tech news website the Register that they ended up with "thousands of misconfigurations and direct attack vectors". Hospitals whose networking equipment and administrative computers were exposed online risked attacks and the exposure of patient data, they said.

Such information would allow attackers to build up details on health organisations, including exact information about where medical devices were housed, they added. Then it would be a case of "crafting an email and sending it to the guy who has access to that device with a payload that will run on the machine", Mr Collao said.

Presenting their findings at hacking conference Derbycon, the researchers said they had reported dozens of vulnerabilities to big-name medical device manufacturers over the last year. The pair also ran an experiment to illustrate how hackers were already targeting medical devices.

For six months, they ran fake MRI and defibrillator machines in the form of software, which mimicked the real devices. The two fake machines attracted tens of thousands of login attempts and some 299 attempts to download malware, the researchers said.

The fact that their "honeypot" devices attracted so much interest suggests that medical devices are targets for hackers, said security researcher Ken Munro. He emphasised the need to make the real-life versions more secure.
"Medical devices should not be available on the public internet. They should be behind multiple layers of protection," he said. "Based on their research, we can see that hackers will have a go at devices that are clearly critical medical systems. That is scary, if unsurprising.
"What is even scarier is that the research shows that some medical devices have already been compromised."


BBC:

« Cyber Attacks Cost Business Over $300bn Worldwide Last Year
Russian Scientists Create Cockroach Robo-Spy »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

QMS International

QMS International

QMS is one of the leading ISO certification bodies in the UK and serves clients worldwide.

Aptive Consulting

Aptive Consulting

Aptive is a cyber security consultancy providing Penetration Testing and Vulnerability Assessment services.

National Authority Against Electronic Attacks (NAAEA) - Greece

National Authority Against Electronic Attacks (NAAEA) - Greece

The National Authority Against Electronic Attacks (NAAEA) is the national computer emergency response team of Greece.

BeOne Development

BeOne Development

BeOne Development provide innovative training and learning solutions for information security and compliance.

Cyberia Group

Cyberia Group

Cyberia is a leading Internet and Security services provider with operations in Saudi Arabia, Lebanon and Jordan.

Wolfpack Information Risk

Wolfpack Information Risk

Wolfpack specialise in information and cyber threat management covering the full spectrum of prevention, detection, incident response and business resilience capabilities.

SEPPmail

SEPPmail

SEPPmail is a patented e-mail encryption solution to secure your electronic communication.

Bluink

Bluink

Bluink specializes in identity and access management and customer identity verification, using your smartphone as a strong authenticator and secure identity store.

Trinity Cyber

Trinity Cyber

Trinity Cyber’s patent-pending technology stops attacks before they reach internal networks,reducing risk and increasing cost to adversaries.

DataTribe

DataTribe

DataTribe is a cyber startup foundry, leveraging deep experience and expertise to build and launch successful product companies.

NSA Career Development Programs

NSA Career Development Programs

NSA offers entry-level programs to help employees enhance their skills, improve their understanding of a specific discipline and even cross-train into a new career field.

Nexer

Nexer

Nexer is a modern tech company with expertise in strategy, technology and communication with a strong vision.

Netcraft

Netcraft

Netcraft is a global leader in cybercrime detection and disruption, combining cutting-edge technology with decades of experience to protect organizations of all sizes from digital threats and attacks.

Closed Door Security

Closed Door Security

Closed Door Security is the only cybersecurity team in the north of Scotland offering everything from IASME Certification to CREST-Accredited penetration testing.

Staley Technologies

Staley Technologies

Staley Technologies is a US nationwide structured cabling, technology integrator, and Managed IT & Cyber Security provider.

Backslash Security

Backslash Security

With Backslash, AppSec teams gain visibility into critical risks in their apps based on reachability and exploitability.