Medical IOT Devices Getting Hacked
With the above demo, Security researchers were able to hack in an ultrasound machine taking advantage of a vulnerability in an Ultrasound machine. The attacker was able to download all the stored records and reports of the patients and were able to edit also.
Further, the Security Researchers were also able to lock the medical report with a private key. which could allow an attacker to encrypt the complete data of the medical device and ask for ransomware.
Medical IOT Devices are more prone to these kinds of attacks because they run old operating Systems and old prepackaged software. with an increasing number of sophisticated attacks, it has become a necessary requirement to upgrade our IOMT deices ie Medical IoT Devices to latest OS and Softwares.
Unfortunately, while patching would be a simple way to mitigate these risks, medical devices that come with OSs which no longer receive security updates and the downtime that comes with the update process mean that, in most cases, these connected medical devices will remain vulnerable to attacks.
Additionally, as detailed in Check Point’s report, “From a regulatory point of view, the inherent vulnerabilities that come with operating healthcare devices, such as a lack of encryption of sensitive data as well as hard-coded or default login credentials, prevent IT professionals from even implementing security patches, should such patches even exist.”
Read Outs: https://www.bleepingcomputer.com/news/security/medical-iot-devices-with-outdated-operating-sytems-exposed-to-hacking/