CyberMDX security researchers discovered vulnerabilities in Becton, Dickinson and Company medical equipment, potentially allowing attackers to harm patients.
According to the researchers, two vulnerabilities in infusion pumps Alaris Gateway Workstation manufactured by Becton, Dickinson and Company allow an attacker to disable the device, infect it with malware or modify indicators.“In emergency cases, attacker can even interact directly with the pumps and change the dosage of the drug and the rate of infusion,” – said the researchers.
The most dangerous of the two vulnerabilities affects the firmware of the workstation and allows completely disable the equipment, turning it into a useless “brick”. To restore the workstation, it will have to be sent to the manufacturer.
A less dangerous vulnerability allows an attacker to change the network configuration settings of the workstation and monitor the status of the pump.
Becton, Dickinson and Company released firmware updates that fix both vulnerabilities.
Infusion pump – medical equipment designed for long-term, metered, controlled injection of solutions, highly active drugs, nutrients to the patient. As a rule, infusion pumps are used for intravenous fluids.
Specifically, users should:
- Minimize network exposure for all medical devices and/or systems.
- Locate medical devices behind firewalls and isolate them where possible.
- Restrict system access to authorized personnel only and follow a least privilege approach.
- Apply defense-in-depth strategies.
- Disable any unnecessary accounts, protocols and services.
NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Source: https://ics-cert.us-cert.gov
User Review
( votes)
