cybersecurity defenses
See the following -
On the Lack of Cyber Security of Medical Devices
Two weeks ago the U.S. Food and Drug Administration advised hospitals not to use Hospira's Symbiq infusion system, concluding that a security vulnerability enables hackers to take remote control of the system. The agency issued the advisory some 10 days after the U.S. Department of Homeland Security warned of the vulnerability in the pump. My view is that this will be the first of many advisories. For years, manufacturers of medical devices depended on the “kindness of strangers” assuming that devices would never be targeted by bad actors. EKG machines, IV pumps, and radiology workstations are all computers, often running un-patched old operating systems, ancient Java virtual machines, and old web servers that no one should currently have deployed in production.
- Login to post comments