Cyber-attacks on life-saving equipment inevitable without security boost
The risk of attacks on medical devices such as defibrillators, pacemakers, insulin pumps, and other software-controlled medical equipment is rising as cyber-criminals improve hacking techniques, according to Bitdefender®, the award-winning provider of innovative antivirus solutions.
Following a previous investigation into NHS IT cyber-security vulnerabilities, the US Government Accountability Office has also warned about vulnerabilities in computerised medical devices because of outdated software and firmware. Bitdefender believes targeted attacks on medical equipment and hospitals pose an even greater degree of risk because there is never enough security in place when it comes to this type of attack. Some of the most common types of medical cyber-attacks include Wi-Fi hijacking, spyware installed through network plugs in hospitals, and malware that can overwrite or damage data.
“An unspoken law of IT security is that any vulnerability will eventually be exploited. NHS patients risk losing their personal data, and systems within the hospitals may slow down and even become unresponsive if infected,” said Alexandru Bălan, Chief Security Researcher at Bitdefender. “The results can be devastating, resembling events previously only found in movie scenes. Hackers can perform attempts at patients’ lives, steal information about high profile or public figures, and use them as a platform for other social-engineered targeted attacks. Another likely money-making scenario is to simply harvest the hospital’s database and use it to spam the patients with drugs and fake cures."
Software-controlled dispatch centres are prone to hacking and spying through their Command and Control Centre, which contains video and audio information, and also hazard, and Automatic Resource Locations maps. Bitdefender advises hospitals and medical centres to:
• Tighten security measures, by keeping their operating system, and their security software, updated.
• Monitor their bring-your-own-device (BYOD) policies in hospitals and dispatch centres to prevent data breaches.
• All communication through VPN services should have strong encryption, as basic virtual private networks can be hacked for a few pounds.
• Medical devices can also be hacked through common flaws in Windows, the operating system used by most of them.
• Keep any and all Wi-Fi networks outside of the main network, as Wi-Fi hacking is common knowledge for anyone with a tool just downloaded from the internet.
• Place Intrusion Detection Systems absolutely everywhere and get warnings whenever attempts are made to access the network or a medical device.
Find out more on smart devices and their blind spot on HotForSecurity. For a full list of Bitdefender 2013 features and benefits by product, please visit http://www.bitdefender.co.uk or follow Bitdefender on Twitter for daily malware alerts.
About Bitdefender®
Bitdefender is the creator of one of the world's fastest and most effective lines of internationally certified internet security software. Since 2001, the company has been an industry pioneer, introducing and developing award-winning protection. Today, Bitdefender technology secures the digital experience of around 400 million home and corporate users across the globe.
Recently, Bitdefender won a series of important awards and accolades in the global security industry, including “Editor’s Choice” by PC Mag for Bitdefender Antivirus Plus 2013 and the “GoldAward” by TopTenREVIEWS that confirmed the software’s top spot among 25 tested security products. Bitdefender antivirus technology has also finished top in leading industry tests from both AV Test and AV-Comparatives. More information about Bitdefender's antivirus products is available from the company's security solutions press room. Additionally, Bitdefender publishes the HOTforSecurity blog, a sizzling blend of steamy computer security stories and stimulating visuals that spotlights the seedy underworld of internet fraud, scams, malicious software – and gossip.
Media Contact:
Thomas O'Neill
Account Manager
Media Safari
T: +44 (0)1225 471202
W: www.mediasafari.com
Beehive Yard, Walcot Street, Bath, BA1 5BT UK
