Security industry players highlight growing risk of medical device hacks

Bitdefender and Kaspersky claim hackers could use their skills to fatally alter the behaviour of medical equipment and devices.

Medical

Security vendor Bitdefender claims computer hackers are increasingly staging attacks against software-controlled medical devices, including pacemakers, insulin pumps and defibrillators.

Hospitals and medical centres could be leaving themselves exposed to these kind of attacks by failing to keep their operating system and security software updated, the company claimed, and by using unencrypted VPNs.

Alexandru Blan, chief security researcher at Bitdefender, said hackers could target hospitals to steal patient data and slow down critical systems.

"Hackers [could] perform attempts at patients' lives, steal information about high profile or public figures, and use them as a platform for other social-engineered targeted attacks," Blan warned.

"Another likely money-making scenario is to simply harvest the hospital's database and use it to spam the patients with drugs and fake cures."

The firm is not the first IT security vendor to warn that hackers could use their skills to take control of medical devices, with potentially fatal consequences.

For instance, McAfee made a similar announcement earlier this year, while Akamai touched on the issue at last week's RSA Europe conference in London.

Meanwhile, the US Government Accountability Office has also recently led calls for tighter regulations around the use of medical devices to prevent cyber attacks.

David Emm, senior security researcher at Kaspersky Lab, said he has not seen any evidence of malware being used to target medical software and equipment, but said it is a risk that cannot be ruled out.

"Medical systems are critical and can mean the difference between life and death, so it's disturbing to consider the impact that a malware outbreak would have," said Emm.

"[Also], much sensitive data is stored in these systems, making them potentially interesting for cybercriminals who may want to install spyware or steal and sell confidential medical information."

Featured Resources

The definitive guide to warehouse efficiency

Get your free guide to creating efficiencies in the warehouse

Free download

The total economic impact™ of Datto

Cost savings and business benefits of using Datto Integrated Solutions

Download now

Three-step guide to modern customer experience

Support the critical role CX plays in your business

Free download

Ransomware report

The global state of the channel

Download now

Recommended

Nigerian cyber criminals target Texas unemployment system
cyber security

Nigerian cyber criminals target Texas unemployment system

27 May 2021
Hackers use open source Microsoft dev platform to deliver trojans
Security

Hackers use open source Microsoft dev platform to deliver trojans

14 May 2021

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

17 Sep 2021
London ranks second to Silicon Valley as world's best startup hub
startups

London ranks second to Silicon Valley as world's best startup hub

22 Sep 2021
What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

8 Sep 2021