Medical Devices are Vulnerable to Hackers

Uploaded on 2015-08-10 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Health & Welfare

FDASecurityAdvisory-1024x681.pngThe U.S. FDA issued a Safety Communication regarding vulnerabilities in the Hospira LifeCare drug infusion pump.

In today’s hyper-connected world, hackers can remotely disable your car, play around with traffic lights, and change the target of a sniper rifle. Now we can add this to the list of terrifying hacks: the US government has found vulnerabilities in the infusion devices that hospitals use to administer intravenous drugs, which could enable hackers to change the dosage of critical medicines.
Two federal agencies are warning hospitals not to use the Symbiq drug infusion pump made by Hospira, due to “cybersecurity vulnerabilities.” A warning from the Food and Drug Administration (FDA) on Friday said that while this has not yet happened, an independent researcher confirmed that the pump can be accessed through a hospital’s network, enabling a hacker to change dosages and other settings.
The FDA asked hospitals to disconnect the devices, which are no longer being sold directly by Hospira but are widely available through third-party vendors. The US Department of Homeland Security issued a similar statement last month, and both agencies cautioned about vulnerabilities in other pumps made by Hospira earlier this year. The medical device maker promised to spend up to $350 million to phase out its Symbiq, GemStar, and Plum brand pumps, among others, over the next two to three years.

NextGov

 

 

« Smart Homes and the Data Underclass
Interpol is Training Police to Fight DarkNet Crime »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Cofense

Cofense

Cofense (formerly PhishMe) is a leading provider of human-driven phishing defense solutions.

Cigniti Technologies

Cigniti Technologies

Cigniti Technologies provides Independent Software Testing (IST) Services including software security testing.

Massive Alliance

Massive Alliance

Massive is a global service agency providing internet monitoring, data & security threat surveillance and reputation management.

ShadowDragon

ShadowDragon

ShadowDragon develops digital tools that simplify the complexities of modern investigations that involve multiple online environments and technologies.

totemo

totemo

Totemo offers solutions for the secure exchange of business information.

ColorTokens

ColorTokens

ColorTokens Xtended ZeroTrust Platform protects from the inside out with unified visibility, micro-segmentation, zero-trust network access, cloud workload and endpoint protection.

Red Points

Red Points

Red Points protects your brand and content in the digital environment.

GLESEC

GLESEC

GLESEC offer a complete range of Cyber Security services from Operations & Intelligence Services to Auditing & Compliance and Simulation and Training.

British Security Industry Association - CySPAG

British Security Industry Association - CySPAG

CySPAG is a special interest group within the British Security Industry Association (BSIA) focused on reducing the risk of product related cybercrime.

LibraSoft

LibraSoft

Librasoft creates solutions to protect information from external and internal threats.

Cisco Networking Academy

Cisco Networking Academy

Cisco Networking Academy is the world's largest classroom, bringing technology education, 21st-century skills, and improved jobs prospects since 1997.

OptimEyes.ai

OptimEyes.ai

OptimEyes.ai is a unique AI-powered, on-demand SaaS solution for cyber-security, data privacy and compliance risk modeling.

DH2i Company

DH2i Company

DH2i is a leading provider of multi-platform Software Defined Perimeter and Smart Availability software enabling customers to create an entire IT infrastructure that is always-secure and always-on.

Primary Guard

Primary Guard

Primary Guard provides IT solutions and computing technologies that help minimize impact from cyber threats, improve business efficiency and maintain essential functions during or after a disaster.

European Union Agency for Network and Information Security (ENISA)

European Union Agency for Network and Information Security (ENISA)

The European Union Agency for Cybersecurity, ENISA, is the Union’s agency dedicated to achieving a high common level of cybersecurity across Europe.

Teleskope

Teleskope

Teleskope are on a mission to empower businesses to protect sensitive data by default.