Medical Devices Vulnerable to Hackers

Uploaded on 2015-10-06 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Health & Welfare

Thousands of critical medical systems, such as MRI machines, are available for hackers to access online, according to researchers. Some 68,000 medical systems from a large unnamed US health group have been exposed. 

Security researchers Scott Erven and Mark Collao presented their findings at hacker conference Derbycon. They also revealed that they had created fake medical devices, which attracted thousands of hackers. Interfaces connected to medical systems were available via search engine Shodan, the researchers told conference-goers.

The researchers used Shodan - a search engine specifically for Internet-connected devices - to look for exposed software from a range of health treatment providers, such as radiology and pediatric clinics, as well as one large healthcare organisation. They told tech news website the Register that they ended up with "thousands of misconfigurations and direct attack vectors". Hospitals whose networking equipment and administrative computers were exposed online risked attacks and the exposure of patient data, they said.

Such information would allow attackers to build up details on health organisations, including exact information about where medical devices were housed, they added. Then it would be a case of "crafting an email and sending it to the guy who has access to that device with a payload that will run on the machine", Mr Collao said.

Presenting their findings at hacking conference Derbycon, the researchers said they had reported dozens of vulnerabilities to big-name medical device manufacturers over the last year. The pair also ran an experiment to illustrate how hackers were already targeting medical devices.

For six months, they ran fake MRI and defibrillator machines in the form of software, which mimicked the real devices. The two fake machines attracted tens of thousands of login attempts and some 299 attempts to download malware, the researchers said.

The fact that their "honeypot" devices attracted so much interest suggests that medical devices are targets for hackers, said security researcher Ken Munro. He emphasised the need to make the real-life versions more secure.
"Medical devices should not be available on the public internet. They should be behind multiple layers of protection," he said. "Based on their research, we can see that hackers will have a go at devices that are clearly critical medical systems. That is scary, if unsurprising.
"What is even scarier is that the research shows that some medical devices have already been compromised."


BBC:

« Cyber Attacks Cost Business Over $300bn Worldwide Last Year
Russian Scientists Create Cockroach Robo-Spy »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Bulletproof Cyber

Bulletproof Cyber

Bulletproof offer a range of security services, from penetration testing and vulnerability assessments to 24/7 security monitoring, and consultancy.

EG-CERT

EG-CERT

EG-CERT is the national Computer Emergency Response Team for Egypt.

Crosscheck Networks

Crosscheck Networks

Crosscheck products allow you to test your APIs across different protocols and message formats with functional automation, performance, and security testing capabilities.

Reposify

Reposify

Reposify’s cybersecurity solution identifies, manages and defends companies’ global digital footprints.

STM

STM

STM provides system engineering, technical support, project management, technology transfer and logistics support services for the Turkish Armed Forces.

CERT Tonga

CERT Tonga

CERT Tonga is the national Computer Emergency Response Team for Tonga.

SQN Banking Systems

SQN Banking Systems

SQN Banking Systems fraud detection software products are a critical step towards overcoming the growing problem of fraud across the various payment channels.

RCMP National Cybercrime Coordination Unit (NC3)

RCMP National Cybercrime Coordination Unit (NC3)

As set out in the Government of Canada's National Cyber Security Strategy, the RCMP has established the National Cybercrime Coordination Unit (NC3).

Critical Start

Critical Start

Critical Start provides Managed Detection and Response services, endpoint security, threat intelligence, penetration testing, risk assessments, and incident response.

Forum Systems

Forum Systems

Forum Systems is a global leader in API Security Management with industry-certified, patented, and proven products deployed in the most rigorous and demanding customer environments.

HIFENCE

HIFENCE

HIFENCE delivers cybersecurity and networking services that make your company safer and more secure. That’s all we do, so you can concentrate on all the things that you do best.

CloudDefense.AI

CloudDefense.AI

CloudDefense.AI is an industry-leading multi-layered Cloud Native Application and Protection Platform (CNAPP) that safeguards your cloud infrastructure and cloud-native apps,

Iron Mountain

Iron Mountain

Iron Mountain Incorporated is a global business dedicated to storing, protecting and managing, information and assets.

CIP Cyber

CIP Cyber

CIP Cyber is an online learning community with a mission of connecting, training, and certifying cybersecurity professionals to protect critical infrastructure.

NST Cyber

NST Cyber

NST Cyber provides comprehensive Threat Exposure Management to Global banks and Forbes 2000 companies.

Business Communications Inc (BCI)

Business Communications Inc (BCI)

BCI is a leading technology company known for its exceptional team of experienced engineers with a focus on providing top-notch technology and security products and services.