As if blackhats going
after bank accounts and email passwords wasn’t enough, U.S. federal officials
warn that a wide array of medical devices are susceptible to potentially
life-threatening hacks.
 |
| Pacemakers are among the devices vulnerable to hacks |
The devices, including
heart defibrillators, drug infusion pumps, ventilators, patient monitors, and
anesthesia devices, all possess serious password vulnerabilities that open them
up for tampering.
According to an advisory
issued last week by Industrial Control Systems Cyber Emergency Response Team
(ICS-CERT), the devices have a hard-coded default password that, if used,
provides backdoor access to the devices.
The affected devices have hard-coded passwords that can be used to permit privileged access to devices such as passwords that would normally be used only by a service technician. In some devices, this access could allow critical settings or the device firmware to be modified. [ICS-CERT]
For most of the devices
like drug pumps and patient monitors, the hacker needs physical access to the
device to actually access anything. However, some devices like pacemakers and
insulin pumps, since they are actually inside or on the body, can be accessed
remotely, which is both very dangerous and super creepy.
Officials have not named
the specific devices that are effected, but have said that most devices are
effected.
Private Parts is the official blog of SumRando VPN and is basically the coolest thing on the web. You can try SumRando for free here.
Private Parts is the official blog of SumRando VPN and is basically the coolest thing on the web. You can try SumRando for free here.
No comments:
Post a Comment