Medical Devices Vulnerable to Hackers

Thousands of critical medical systems, such as MRI machines, are available for hackers to access online, according to researchers. Some 68,000 medical systems from a large unnamed US health group have been exposed. 

Security researchers Scott Erven and Mark Collao presented their findings at hacker conference Derbycon. They also revealed that they had created fake medical devices, which attracted thousands of hackers. Interfaces connected to medical systems were available via search engine Shodan, the researchers told conference-goers.

The researchers used Shodan - a search engine specifically for Internet-connected devices - to look for exposed software from a range of health treatment providers, such as radiology and pediatric clinics, as well as one large healthcare organisation. They told tech news website the Register that they ended up with "thousands of misconfigurations and direct attack vectors". Hospitals whose networking equipment and administrative computers were exposed online risked attacks and the exposure of patient data, they said.

Such information would allow attackers to build up details on health organisations, including exact information about where medical devices were housed, they added. Then it would be a case of "crafting an email and sending it to the guy who has access to that device with a payload that will run on the machine", Mr Collao said.

Presenting their findings at hacking conference Derbycon, the researchers said they had reported dozens of vulnerabilities to big-name medical device manufacturers over the last year. The pair also ran an experiment to illustrate how hackers were already targeting medical devices.

For six months, they ran fake MRI and defibrillator machines in the form of software, which mimicked the real devices. The two fake machines attracted tens of thousands of login attempts and some 299 attempts to download malware, the researchers said.

The fact that their "honeypot" devices attracted so much interest suggests that medical devices are targets for hackers, said security researcher Ken Munro. He emphasised the need to make the real-life versions more secure.
"Medical devices should not be available on the public internet. They should be behind multiple layers of protection," he said. "Based on their research, we can see that hackers will have a go at devices that are clearly critical medical systems. That is scary, if unsurprising.
"What is even scarier is that the research shows that some medical devices have already been compromised."


BBC:

« Cyber Attacks Cost Business Over $300bn Worldwide Last Year
Russian Scientists Create Cockroach Robo-Spy »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

WhiteHat Security

WhiteHat Security

WhiteHat’s products enable customers to “Hack Yourself First” so that they gain a greater understanding of the actual risk to their business.

CERT.hr

CERT.hr

CERT.hr is the national authority competent for prevention and protection from computer threats to public information systems in the Republic of Croatia.

Herjavec Group

Herjavec Group

Herjavec Group's Managed Security Services practice defends your organization from increasingly sophisticated, targeted cybercrime threats.

StoneFly

StoneFly

StoneFly offers High Availability, high performance cluster and scale out storage, and backup and disaster recovery appliances.

CamCERT

CamCERT

CamCERT is the national Computer Emergency Response Team for Cambodia.

MD5

MD5

MD5 is a leading UK provider of Digital Forensic & eDiscovery services to large multi-national corporate businesses, Law Enforcement & Government Agencies, high profile legal firms.

Custodio Technologies

Custodio Technologies

Custodio Technologies was established as a Singaporean R&D Centre of Israel Aerospace Industries (IAI) in order to spearhead R&D activities in the field of cyber early warning.

TitanHQ

TitanHQ

TitanHQ offers ultimate protection from internet based threats and powerful Web filtering functionalities to SMBs, Service Providers and Education sectors around the World.

NESECO

NESECO

NESECO is an IT security integration and consulting firm providing security products, solutions, support, consulting, and training services.

Ashley Page

Ashley Page

Ashley Page offer a unique cyber insurance and risk management solution - Cyber+Insure.

Networks Unlimited

Networks Unlimited

Networks Unlimited is a leading value-added distributor in Africa, providing technology solutions with a focus on security, networking, enterprise systems management and cloud technologies.

Axis Security

Axis Security

Axis Security technologies transform open networks and vulnerable applications into fully protected resources that the business can trust.

Bitbone

Bitbone

Bitbone develop IT infrastructure and IT security solutions that create long-term value.

Pristine InfoSolutions

Pristine InfoSolutions

Pristine InfoSolutions is a global IT services and Information Security Company focused on delivering smart, next-generation business solutions.

CyberSecureRIA

CyberSecureRIA

We founded CyberSecureRIA specifically to secure and support RIAs. We exist to secure SEC-registered RIAs, and keep them compliant with cybersecurity regulations.

Keeran Networks

Keeran Networks

Established in Edmonton in 1999, Keeran specializes in delivering comprehensive IT support and solutions aimed at optimizing technology investments for businesses.