Connect with us

Hi, what are you looking for?


DHS sends out cyber warning about medical devices (Includes interview)

The U.S. Department of Homeland Security (DHS) has emphasized to hospitals and health clinics about the risks surrounding electronic medical devices commonly in-use at such facilities. This is in relation to vulnerabilities around cybersecurity attacks. The types of devices of concern include surgical and anesthesia devices, ventilators, drug infusion pumps, and external defibrillators. Also vulnerable are patient monitors, laboratory and analysis equipment, and other digital systems.

The U.S. agency issued an alert via the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT). It appears that many electronic medical devices have been designed with hard-coded passwords that can enable hackers to modify their settings or install onto systems rogue firmware. Similar concerns have been expressed by the U.S. Food and Drug Administration (FDA).

The warning extends to equipment manufactured by some high profile health technology companies, such as wireless electrocardiogram products from Silex Technologies and GE Healthcare; plus, vulnerabilities in certain computed tomography systems from Philips.

Commenting on the new DHS warning, Dr. May Wang Co-Founder and CTO of Zingbox, an IoT security company for medical devices, tells Digital Journal that digital health providers should have been better prepared. She states: “Unfortunately, hackers targeting connected medical devices is nothing new. These devices have vulnerabilities not unlike laptops and PCs.”

She adds: “In some cases, even more so. 2 years ago, we identified a vulnerability in IV pumps that can allow hackers to change the dosage of medications with life threatening results. Back then, we collaborated closely with DHS and the device manufacturers to identify and offer a solution to the healthcare community.”

However, meeting the cyber onslaught is challenging, Dr. Wang says: “While its fashionable to point figures at the device manufacturers, expecting devices primarily built for accuracy and reliability to be secure against the latest cyber threat is a tough order. We struggle to secure our laptops and PCs from the latest threats.”

In terms of what can be done, Dr. Wang notes: “Security leaders can do more to collaborate with DHS and other agencies such as HHS and NIST who have focused their efforts to secure these critical medical devices. For example, HHS in collaboration with vendors like Zingbox released Cybersecurity Best Practice Resources to secure connected medical devices.”

Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:


China has passed a new law to limit the pressure on children from homework and after-school tutoring - Copyright AFP Hector RETAMALChina passed a...


If convicted, Salvini could face a maximum of 15 years in prison - Copyright AFP Arif ALIItaly’s former interior minister and far-right leader Matteo...


Lebanese barber Ali Abd Alwareth is stuck in a border forest after Belarus told him: "You have only two choices: either you die here...


Flowers bloom in the Atacama Desert in Chile, considered the driest non-polar resion in the world. Source - Joselyn Anfossi Mardones from Chiguayante, Chile....