Patient monitors may have some worrying security flaws
Posted by:
John Harrison
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding Chinese-manufactured healthcare devices being discovered with malicious firmware backdoors transmitting sensitive data to a Chinese university. Specifically, the Contec CMS8000 patient monitor used in hospitals was found to connect to a hardcoded IP address engaged in suspicious activity. The backdoor allowed third parties to remotely control the devices, compromising patient data security. Despite attempts by the company to release firmware updates to rectify the issue, the backdoor remains unresolved, prompting CISA to advise disconnecting the devices from networks if possible. Further investigations revealed similar vulnerabilities in other medical equipment software, raising concerns about data security in healthcare settings.
Recent Posts1
