An attack vector helps hackers find any loopholes that may exist in a system. Researchers warn that medical equipment is bringing a catastrophic storm to the world's leading medical institutions. The MEDJACK attack vector may be the weakest link in the hospital.
TrapX also found many security holes in three independent hospitals, affecting X-ray equipment, picture archiving and communication systems (PACS), and blood gas analyzers (BGA). Many other device types are also relevant to MEDJACK, including diagnostic devices (PET scanners, CT scanners, MRI machines, etc.), treatment equipment (infusion pumps, medical lasers and LASIK equipment), and life support devices (heart-lung machines, medical ventilators, extracorporeal membrane oxygenation machines), among others.
Attack on a hospital blood gas analyzer
The report notes that blood gas analyzers are usually used in intensive care or surgery. One hospital, which asked not to be named, said it had a very strong set of network defense products and had not detected any attack. However, TrapX found that malware had infected the blood gas analyzers; moving through the internal network, the hackers had easily opened a back door into the hospital network. Even more alarming, the hackers had reached into the European Community to store confidential data. TrapX also found variants of Zeus, Citadel and other worm malware lurking in the medical equipment to steal the hospital's other passwords. TrapX believes that the hackers' next step may be to compromise a workstation in the hospital's IT department.
When the TrapX Labs team used a Novartis Biomedical CCX (Critical Care Express) device to reproduce the attack in a simulated attack environment, they were surprised to find that none of the hospital's data was encrypted. The researchers also found that once hackers establish a back door on a blood gas analyzer or any other medical device, they can get at the unencrypted data that the device stores and transmits at will. In short, TrapX's team believes that the MEDJACK attack vector is likely to be used to distort or change internal data.
The report explains that, on the one hand, medical devices are closed systems, often aging and frequently modified, running operating systems that may contain vulnerabilities, such as Windows 2000, Windows XP and Linux. That is why, on a global scale, the MEDJACK attack vector offers attackers highly vulnerable targets. Firewalls cannot easily detect and remediate such attacks. On the other hand, the door is open to hackers. Once they gain access to the network and bypass the existing firewall, they have a window of time in which to compromise the medical equipment and establish a backdoor inside a protected harbor. Although hospitals tend to install firewalls and run antivirus software and other endpoint anti-intrusion security on the internal network, TrapX says that medical devices are a key hub for attacks on medical networks. Because the hospital's technical team cannot access the internal software of medical devices, it can only rely on the manufacturers to build and maintain the security of these devices. However, manufacturers have not yet developed software that effectively detects most of the payloads delivered by MEDJACK attacks.
Lateral attack from Radiology
In another hospital, the hackers took a different approach, moving through the network to find other targets. Here, however, the source of the lateral movement was the picture archiving and communication system (PACS), which lets the radiology department store and access images from multiple sources. These sources include CT scanners, magnetic resonance imaging scanners, portable X-ray machines (C-arms), X-ray and ultrasound equipment. The PACS was also trying to act as part of a botnet and connect to command and control. In a hospital in Guiyang, China, hackers moved laterally to compromise an important nursing station, stealing a large amount of confidential data. In the course of their work, medical personnel had in fact used a website infected with malware.
Intrusion into a hospital's X-ray system
According to TrapX, the company's observations show that in the third real-world attack, key pieces of medical equipment were again infected with malware. The hackers installed a backdoor in the hospital's X-ray system. Karl Wright, general manager of TrapX, said: "Our scientists have observed that you can simulate a set of attacks, design several models specifically for a specific medical device, and then attack. In this design process, the difficulty of diagnosis and treatment, combined with the high value of medical data, creates an almost perfect target for organized crime."
Remote attack on hospital drug pumps
Hacker attacks on medical devices such as insulin pumps and cardiac pacemakers may be fatal, which led federal authorities to step in to protect wireless medical devices from hackers. A few years later, the United States Department of Homeland Security investigated 24 kinds of network defects in medical devices that could prove fatal. Now there is more bad news about vulnerabilities in medical devices: for example, during drug infusion with a pump, hackers can use remote control to change the dose of the drug to a fatal one.
Security researcher Billy Rios found that at least 5 of Hospira's drug infusion pump systems are vulnerable. He told Wired, "this is the first time we have found that we can change the dosage of the drug."
After examining the infusion pumps, Rios found that the defenses of these five models are very fragile: Standard P