Thousands of critical medical systems – including Magnetic Resonance Imaging machines and nuclear medicine devices – that are vulnerable to attack have been found exposed online. Security researchers Scott Erven and Mark Collao found, for one example, a “very large” unnamed US healthcare organization exposing more than 68,000 medical systems.
Tim Erlin, Director of Security and Product Management at Tripwire :
“The Internet of Things is already here, and some of its denizens are already in critical condition.
Embedded devices are nothing new, and the expansion of Internet connectivity has turned networked embedded devices, from energy to healthcare, into internetworked embedded devices. As the forward end of the industry works to bring the ‘things’ to the Internet, the Internet has already been brought to the ‘things’ that were out there.
With embedded devices, it’s often not as simple as applying the latest updates. When those devices interact directly with a human being in a therapeutic task, it’s even more complicated to make changes. This isn’t a challenge that’s likely to go away. It’s likely to get worse, and make headlines, when someone hacks a medical device to make a point.”