Kaspersky researcher hacks his own hospital, accesses medical equipment with ease

At the 2016 Security Analyst Summit, held Feb. 7-11 in Tenerife, Spain, a Kaspersky Lab researcher demonstrated how he hacked into a Moscow hospital and accessed a number of its electronic medical devices with relative ease, while sitting in a car outside the facility, according to TechWorm.

After performing a search for nearby devices connected to the Internet, Sergey Lozhkin found exposed devices from the hospital, including a CT scan machine protected only by a single default password. Mr. Lozhkin notified administrators and in collaboration with them, carried out a security audit to determine just how vulnerable the hospital's network was. By sitting in the hospital parking lot, he was able to enter the facility's internal wireless network and ultimately gain access to a number of medical devices, including a control panel for an MRI machine that contained protected patient data.

"I have no information on medical equipment; I don't know how it works," TechWorm reports Mr. Lozhkin said at the summit. "I started the research just to learn something. It's really scary. When we develop technology in software systems, engineers forget about IT security. It's a problem not just with medical equipment, but in a lot of areas of the industry."

More articles on health IT: 

Hackers shut down Hollywood Presbyterian Medical Center IT systems, demand $3.6M ransom
New York tops states in electronically prescribing controlled substances
Stuck in the '90s: Why do physicians still page?

© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Featured Webinars

Featured Whitepapers