Medical Devices are Vulnerable to Hackers

Uploaded on 2015-08-10 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Health & Welfare

FDASecurityAdvisory-1024x681.pngThe U.S. FDA issued a Safety Communication regarding vulnerabilities in the Hospira LifeCare drug infusion pump.

In today’s hyper-connected world, hackers can remotely disable your car, play around with traffic lights, and change the target of a sniper rifle. Now we can add this to the list of terrifying hacks: the US government has found vulnerabilities in the infusion devices that hospitals use to administer intravenous drugs, which could enable hackers to change the dosage of critical medicines.
Two federal agencies are warning hospitals not to use the Symbiq drug infusion pump made by Hospira, due to “cybersecurity vulnerabilities.” A warning from the Food and Drug Administration (FDA) on Friday said that while this has not yet happened, an independent researcher confirmed that the pump can be accessed through a hospital’s network, enabling a hacker to change dosages and other settings.
The FDA asked hospitals to disconnect the devices, which are no longer being sold directly by Hospira but are widely available through third-party vendors. The US Department of Homeland Security issued a similar statement last month, and both agencies cautioned about vulnerabilities in other pumps made by Hospira earlier this year. The medical device maker promised to spend up to $350 million to phase out its Symbiq, GemStar, and Plum brand pumps, among others, over the next two to three years.

NextGov

 

 

« Smart Homes and the Data Underclass
Interpol is Training Police to Fight DarkNet Crime »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Westermo Network Technologies

Westermo Network Technologies

Westermo designs and manufactures robust, resilient and secure data communications products for mission-critical industrial systems.

Yaana Technologies

Yaana Technologies

Yaana is a leading provider of intelligent compliance solutions including lawful interception, data retention & disclosure, and advanced security analytics.

Pentest People

Pentest People

Pentest People are a UK-based security consultancy focussing on bringing the benefits of Pentesting as a Service (PTaaS) to all its clients.

Invest Ottawa

Invest Ottawa

The IO Accelerator Program is designed to rapidly and systematically accelerate the development and commercial success of high growth technology firms.

German Israeli Partnership Accelerator (GIPA)

German Israeli Partnership Accelerator (GIPA)

GIPA is based on two pillars: it is an incubator aimed at young academics and a program to transfer cybersecurity expertise to corporate partners.

AmWINS Group

AmWINS Group

AmWINS are a global specialty insurance distributor with expertise in property, casualty and professional lines including cyber liability.

TriagingX

TriagingX

TriagingX successfully created the first generation malware sandbox that is being used by many Fortune 500 companies for daily malware analysis.

ShieldApps

ShieldApps

ShieldApps comprehensive suite of products is designed to protect your personal devices from privacy threats, including hacking attempts, online tracking, fingerprinting, phishing, malware, and more.

RNTrust

RNTrust

RNTrust provide solutions to meet today’s digital challenges utilizing digital technologies and services to make you more secured in digitally connected environment.

Cardonet

Cardonet

Cardonet is an IT Support and IT Services business offering end-to-end IT services, 24x7 IT Support to IT Consultancy, Managed IT and Cyber Security.

Fortiedge

Fortiedge

Fortiedge is an IT Security solution provider specializing in Cyber Security practices and solutions for our clients.

Dazz

Dazz

Dazz is the cloud security remediation platform for smart security and development teams.

Ekco

Ekco

Ekco is one of Europe’s leading managed cloud providers. With a network of infrastructure and security specialists across Europe, we’ve perfected our approach to supporting digital transformation.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Xoriant

Xoriant

Xoriant is a technology leader and execution partner throughout the Build, Run and Transform lifecycle for companies that create and use technology products.

NormCyber

NormCyber

NormCyber provide award-winning cyber security and data protection as a service for midsize organisations.