CISA and the FDA are Warning of Critical Medical Vulnerabilities. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Food and Drug Administration (FDA) are issuing alerts about the presence of hidden functionality. This hidden functionality can be found in Contec CMS8000 patient monitors and Epsimed MN-120 patient monitors. The vulnerability makes these monitors vectors for backdoor hacking efforts:
“The affected product sends out remote access requests to a hard-coded IP address, bypassing existing device network settings to do so. This could serve as a backdoor and lead to a malicious actor being able to upload and overwrite files on the device. The reverse backdoor allows the device to download and execute unverified remote files” CISA said in an advisory.
Other Vulnerabilities Putting Medical Facilites at Risk
Two other identified vulnerabilities in the devices could allow an attacker to send specially formatted UDP requests in order to write arbitrary data. This could result in remote code execution. Another privacy leakage vulnerability would cause plain-text patient data to transmit to a hard-coded public IP address. Thus, successful exploitation of these vulnerabilities could allow the device with that unspecified IP address to gain access to confidential patient information or open the door to an adversary.
“These cybersecurity vulnerabilities can allow unauthorized actors to bypass cybersecurity controls, gaining access to and potentially manipulating the device,” the FDA said. The FDA states it’s “not aware of any cybersecurity incidents, injuries, or deaths related to these cybersecurity vulnerabilities at this time.”
Ways to remedy this patient monitor deficit
CISA and the FDA are warning of Critical Medical Vulnerabilities. Given that these vulnerabilities remain unpatched, CISA is recommending that organizations unplug and remove any Contec CMS8000 devices from their networks. It’s also advisory to check the patient monitors for any signs of unusual functioning, such as “inconsistencies between the displayed patient vitals and the patient’s actual physical state.”
Cybersecurity starts long before a breach or vulnerability is exploited. A strong defense requires a skilled, up-to-date team that understands the ever-evolving tactics of malicious actors. At Velox Systems, we have extensive experience working with healthcare facilities. We understand the industry’s unique challenges and know how to protect your sensitive data and systems.
Not sure how secure your facility is? Does your in-house team need guidance on strengthening systems for 24/7 protection? Let’s chat!