“My computer network has come under attack”. It seems that almost every week a medical institution issues a statement to the effect that hackers tried to dig into its IT systems. Most of the time, they were successful.
If you think your IT admin can solve the problem by setting up a proper firewall, you need to think twice.
One of the main entry points for hackers is medical devices, not IT equipment.
The cyber threat is so real that in July, for the very first time, the FDA asked hospitals to stop using an infusion system for cybersecurity reasons. According to the agency, “Hospira and an independent researcher confirmed that Hospira’s Symbiq Infusion System could be accessed remotely through a hospital’s network. This could allow an unauthorized user to control the device and change the dosage the pump delivers, which could lead to over- or under-infusion of critical patient therapies.”
Cybersecurity Vulnerabilities of Hospira Symbiq Infusion System: #FDA Safety Communication http://t.co/FoNGd1VAX4 #medicaldevice
— FDA Medical Devices (@FDADeviceInfo) July 31, 2015
To understand why and how medical equipment is under attack, we interviewed Greg Enriquez, CEO of TrapX, a cybersecurity company that studied this specific problem.