Wednesday, 19 June 2013

Hacking So Scary It Will Stop Your Heart

As if blackhats going after bank accounts and email passwords wasn’t enough, U.S. federal officials warn that a wide array of medical devices are susceptible to potentially life-threatening hacks.
Pacemakers are among the devices vulnerable to hacks
The devices, including heart defibrillators, drug infusion pumps, ventilators, patient monitors, and anesthesia devices, all possess serious password vulnerabilities that open them up for tampering.
According to an advisory issued last week by Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), the devices have a hard-coded default password that, if used, provides backdoor access to the devices.
The affected devices have hard-coded passwords that can be used to permit privileged access to devices such as passwords that would normally be used only by a service technician. In some devices, this access could allow critical settings or the device firmware to be modified. [ICS-CERT]
For most of the devices like drug pumps and patient monitors, the hacker needs physical access to the device to actually access anything. However, some devices like pacemakers and insulin pumps, since they are actually inside or on the body, can be accessed remotely, which is both very dangerous and super creepy.

Officials have not named the specific devices that are effected, but have said that most devices are effected.

Private Parts is the official blog of SumRando VPN and is basically the coolest thing on the web. You can try SumRando for free here.

No comments:

Post a comment