Post Tagged with: "medical devices"

Drug Pumps Vulnerable to trivial Hacks, DHS warns

April 2, 2015 17:490 comments
Hospira's Mednet software contains serious and remotely exploitable vulnerabilities, the Department of Homeland Security warned.

In-brief: The Department of Homeland Security warned that drug infusion pump management software sold by Hospira contains serious and exploitable vulnerabilities that could be used to remotely take control of the devices.  Like this:Like Loading…

Read more ›

Intel: New Approach Needed to Secure Connected Health Devices

March 23, 2015 13:510 comments
In a new report, The Atlantic Foundation and Intel Security warns that risks accompany the rewards of connected medical devices.

In-brief: connected medical devices pose a number of risks to patients, including the threat of “targeted killings,” according to a report by Intel Security. The fix: better application design and more public-private sector cooperation. Like this:Like Loading…

Read more ›

Medical Information on Millions Stolen from Premera Blue Cross

March 18, 2015 09:510 comments
Premera healthcare is the latest victim of a cyber attack. According to reports, as many as 11 million records containing patient information may have been exposed.

In-brief: Premera Blue Cross said on Tuesday that it was the victim of a sophisticated attack. The hackers had access to Premera’s network for more than six months, stealing information on as many as 11 million members and employees.  Like this:Like Loading…

Read more ›

Wireless Infusion Pump is Test Case for Securing Medical Devices

December 29, 2014 11:211 comment
A NIST document provides a test case for securing connected medical devices, starting with wireless infusion pumps.

A National Institute of Standards and Technology (NIST) reference document is providing some of the clearest guidance from the U.S. government for securing connected medical devices, but may be setting too low a bar for securing wireless communications, according to a security expert. NIST, working with the University of Minnesota’s Technological Leadership Institute, released a draft Use Case document  (PDF) on December 18 to help health care providers “secure their medical devices on an enterprise networks.” However, in the area of communications security, the document suggests the use of WEP (Wired Equivalent Privacy), a legacy wireless security technology that can easily be cracked. NIST released the draft security use case document and is seeking feedback from the public. The drug infusion pump case study is described as the “first of a series” of similar use cases that will focus on medical device security, NIST wrote. The draft document presents a technical description of the security challenges […]

Read more ›

FDA Issues Guidance on Security of Medical Devices

October 1, 2014 20:55Comments Off on FDA Issues Guidance on Security of Medical Devices
The FDA issued guidance for manufacturers to address cyber security issues in the design of connected medical devices.

The U.S. Food and Drug Administration (FDA) issued final guidance on Wednesday that are designed to strengthen the safety of medical devices. The FDA called on medical device manufacturers to consider cyber security risks as part of the design and development of devices. The document, “Content of Premarket Submissions for Management of Cybersecurity in Medical Devices,” asks device makers to submit documentation to the FDA about any “risks identified and controls in place to mitigate those risks” in medical devices. The guidance also recommends that manufacturers submit documentation of plans for patching and updating the operating systems and medical software that devices run. The document, which will be released on Thursday, does not contain specific requirements. Rather, it describes the kinds of things that medical device manufacturers should consider when preparing pre-market submissions for medical devices in areas such as information confidentiality, integrity, and availability, the FDA said. The release of the document follows the […]

Read more ›
%d bloggers like this: