Threat Intelligence

3/8/2019
12:30 PM
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
50%
50%

Ultrasound Machine Diagnosed with Major Security Gaps

Check Point researchers investigate security risks and point to implications for medical IoT devices.

RSA CONFERENCE 2019 – San Francisco – Vulnerabilities in connected medical devices could have massive implications for patients and the healthcare industry as a whole.

The Internet of Medical Things (IoMT) is poised to broaden the attack surface for healthcare organizations, according to Check Point experts. Eighty-seven percent of healthcare institutions are expected to use IoT technologies by the end of 2019, with nearly 650 million IoMT devices in use by 2020, states a new Check Point study. The study underscores the danger of what could happen if these devices are poorly secured.

IoT devices collect vast stores of data and are commonly built on outdated software and legacy operating systems. This makes them a simple gateway for cybercriminals, who could break in and move laterally across the target network.

Consider ultrasound technology. Researchers explain how "huge advancements" have been made to provide detailed health data to doctors and patients. Unfortunately, they report, this innovation hasn't made its way to the security of IT environments where ultrasound machines sit. To prove this point, they went "under the hood" of a real ultrasound device.

What they found was a tool running on Windows 2000. Like many IoMT devices, this no longer receives updates or patches, and leaves both the machine and its data exposed to intruders. It wasn't hard to exploit vulnerabilities and access its database of ultrasound images, they explain.

An attacker with this access could launch a ransomware campaign on the hospital system or swap patients' images. "Think how much chaos that can do in the hospital," said Oded Vanunu, head of product vulnerability research at Check Point, in an interview with Dark Reading here at the RSA Conference.

Cybercriminals may use health records to get pricey medical services and prescription medications; they may also gain access to government health benefits. Or they could sell it: The Ponemon Institute found healthcare breaches are most expensive, at $408 per record.

Healthcare organizations often don't have the budget for strong IT and security, Vanunu explained. "Hospitals are flat networks – from our perspective ... we think cybercrime will start to move to the weakest networks." It's happening already, he noted.

IoMT devices are in mass production, Vanunu continued, but nothing is being done to secure them. Because the device Check Point analyzed was running Windows 2000, exploiting it was simple. "We didn't use any sophisticated tools," Vanunu said. "No zero-day, no reverse-engineering vulnerability. Any beginner can exploit it."

Related Content:

 

 

Join Dark Reading LIVE for two cybersecurity summits at Interop 2019. Learn from the industry's most knowledgeable IT security experts. Check out the Interop agenda here.

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
3/11/2019 | 2:27:18 PM
Re: On healthcare in general
Thanks - worst job ever.  30 computers walked out of a locked room - 30.  Just like that.  Computer in Pastor's office stolen.  Computer in corp cafeteria stolen- cable cut too.  11,000 endpoints - no firewall.  We would image and porn back in a week.  Doctor lounge systems loaded with porn.  Education systems for chilldren loaded with porn.  (Outsourced suppor to First Consulting group, later bought by Computer Sciences Corp.)

There was one more slice of hell - hard-coded IPs and subnets.  But nobody knew where one subnet began in a room and the next kicked in.  Delihtful planning.  

 
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
3/8/2019 | 3:35:39 PM
Re: On healthcare in general
Wow, thats disheartening. Working at a hospital I have seen the horrors that COW's can provide as well. I still think your experience would have to top the list I think.
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
3/8/2019 | 1:40:33 PM
On healthcare in general
Ages ago i had a positon with a MAJOR NY Hospital for support.  One uptown hospital had COWS ( computers on wheels) that staff could wheel into a patient's room.  They are quite common.  Now ths place was a horror show in many ways but one great one was that COWS wireless received IP from the college across the street.  True.  Out the door went the patient management cloud program.  Out went patient data and history, medication data, care data....... and that was one, just one, flaw.  Not surprised at all by this essay. 
It Takes an Average of 3 to 6 Months to Fill a Cybersecurity Job
Kelly Jackson Higgins, Executive Editor at Dark Reading,  3/12/2019
Cybercriminals Think Small to Earn Big
Dark Reading Staff 3/12/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: LOL  Hope this one wins
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
The State of Cyber Security Incident Response
The State of Cyber Security Incident Response
Organizations are responding to new threats with new processes for detecting and mitigating them. Here's a look at how the discipline of incident response is evolving.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-6149
PUBLISHED: 2019-03-18
An unquoted search path vulnerability was identified in Lenovo Dynamic Power Reduction Utility prior to version 2.2.2.0 that could allow a malicious user with local access to execute code with administrative privileges.
CVE-2018-15509
PUBLISHED: 2019-03-18
Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control (issue 2 of 2).
CVE-2018-20806
PUBLISHED: 2019-03-17
Phamm (aka PHP LDAP Virtual Hosting Manager) 0.6.8 allows XSS via the login page (the /public/main.php action parameter).
CVE-2019-5616
PUBLISHED: 2019-03-15
CircuitWerkes Sicon-8, a hardware device used for managing electrical devices, ships with a web-based front-end controller and implements an authentication mechanism in JavaScript that is run in the context of a user's web browser.
CVE-2018-17882
PUBLISHED: 2019-03-15
An Integer overflow vulnerability exists in the batchTransfer function of a smart contract implementation for CryptoBotsBattle (CBTB), an Ethereum token. This vulnerability could be used by an attacker to create an arbitrary amount of tokens for any user.