Security Market Segment LS
Thursday, 31 March 2016 17:10

VIDEO: How a hospital is hacked, Kaspersky finds Health IT is sick Featured


A Kaspersky Lab tech expert has found ways to hack into medical devices in an attempt to explore security weaknesses and how to address them - the findings will make you ill!

Internet security supremos Kaspersky Lab are at the forefront of a great many IT security discoveries these days, with its latest security news revolving around the highly sensitive and important medical sphere.

The company has a ‘Global Research & Analysis Team’ which has the clever acronym of ‘GReAT,’ with one of its senior researchers, Sergey Lozhkin, conducting real field research at a private clinic - in an attempt to explore its security weaknesses and how to address them.

The comapny issued a media release which I have largely reprinted below, opening all of our eyes to the stark dangers uncovered - with sprinklings of my observations here and there and spoonfuls of either curative or deadly medical puns which you’re sure to recognise.

Sickeningly, vulnerabilities were found in medical devices that opened a door for cybercriminals to access the personal data of patients, as well as their physical well-being, which is enough to give you a headache and an upset stomach just thinking about it - especially if you’re a hypochondriac.

In any case, Lozhkin explained that today’s modern clinic is a complicated system.

He reminded us that modern clinics have ‘sophisticated medical devices that comprise fully functional computers with an operating system and applications installed on them.’

Paper records are long gone, with doctors relying on computers, and all information being stored in a digital format - which is as you’d expect it would be, at least in Western or modern countries in 2016.

Here is Lozhkin's video presentation - the article continues in depth below, please read on!

In addition, says Lozhkin, ‘all healthcare technologies are connected to the Internet. So, it comes as no surprise that both medical devices and hospital IT infrastructure have previously been targeted by hackers.’

Indeed, something that may send some people dizzy is the knowledge of recent examples, whereby hospitals in the US and Canada suffered ransomware attacks, and at least one hospital had to go back to old fashioned pen and paper just to keep operating.

However, a massive malicious attack is but one of the ways in which criminals could exploit the IT infrastructure of a modern hospital, warns Kaspersky.

Sadly, there are others.

Much more below, please read on!

Clinics store personal information about their patients, and Lozhkin reminds us that clinics ‘also own and use very expensive, hard to fix and replace equipment, which makes them a potentially valuable target for extortion and data theft.’

The outcome of a successful cyberattack against a medical organisation, we are told, could ‘differ in detail but will always be dangerous.’

It could involve the following:

  • The felonious use of personal patient data: the resale of information to third parties or demanding the clinic pay a ransom to get back sensitive information about patients;
  • The intentional falsification of patient results or diagnoses;
  • Medical equipment damage may cause both physical damage to patients and huge financial losses to a clinic;
  • Negative impact on the reputation of a clinic.

Shock: Medical devices exposed to the Internet

So, the first thing that Lozhkin decided to explore, while conducting this research, was to ‘understand how many medical devices around the globe are now connected to the Internet.’

Now, most readers would realise this, but for those who don’t, modern medical devices are fully-functional computers with an operating system and most of these have a communication channel to the Internet. By hacking them, criminals could interfere with their functionality.

Lozhkin took a quick look over the Shodan search engine for Internet-connected devices, and saw results which ‘showed hundreds of devices - from MRI scanners, to cardiology equipment, radioactive medical equipment and other related devices registered there.’

The security company’s discovery leads to ‘worrisome conclusions - that some of these devices still work on old operational systems such as Windows XP, with unpatched vulnerabilities, and some even use default passwords that can be easily found in public manuals.’

Clearly, as Lozhkin states, ‘using these vulnerabilities criminals could access a device interface and potentially affect the way it works.’

Talk about churning stomachs - my own addition to the above is that this kind of activity is a new type of medical nightmare very different to medical mistakes and sponges left inside patients after surgeries, because in many ways this kind of hack attack can have far wider consequences than with individual instances.

So, what about inside a clinic’s local network?

Lozhkin explained that the above mentioned scenario was ‘one of the ways in which cybercriminals could get access to the clinic’s critical infrastructure.’

However, hacking via the Internet is one thing - Lozhkin set the paddles to stun and shocks us back to life with the observation that ‘the most obvious and logical way is to try to attack its local network.’

And so he did just that: during the research a vulnerability was found in the clinic’s Wi-Fi connection.

Through a weak communications protocol, access to the local network was gained!

Exploring the local clinic’s network, Lozhkin found some medical equipment that was previously found on Shodan.

This time however, to get access to the equipment one didn’t need any password at all - because the local network was a trusted network for medical equipment applications and users. This is how a cybercriminal can gain access to a medical device. Further exploring the network, Lozhkin discovered a new vulnerability in a medical device application.

Here we are told that ‘a command shell was implemented in the user’s interface that could give cybercriminals access to personal patient information, including their clinical history and information about medical analysis, as well as their addresses and ID details. Moreover, through this vulnerability the whole device controlled with this application could be compromised.’

You can't just take an aspirin for these things and call the doctor in the morning. This kind of thing is a medical emergency!!

For example, explained Lozhkin, ‘among these devices could be MRI scanners, cardiology equipment, radioactive and surgical equipment. Firstly, criminals could alter the way the device works and cause physical damage to the patients. Secondly, criminals could damage the device itself at immense cost to the hospital.’

Lozhkin said: “Clinics are no longer only doctors and medical equipment, but IT services too. The work of a clinic’s internal security services affects the safety of patient data and the functionality of its devices.

“Medical software and equipment engineers put a lot of effort into creating a useful medical device that will save and protect human life, but they sometimes completely forget about protecting it from unauthorised external access.

“When it comes to new technologies, safety issues should be addressed at the first stage of the research and development (R&D) process. IT security companies could help at this stage to address safety issues.”

So, what does Kaspersky Lab recommend implementing to protect clinics from unauthorised access?

Here are the recommended measures:

  • Use strong passwords to protect all external connection points;
  • Update IT security policies, develop on time patch management and vulnerability assessments;
  • Protect medical equipment applications in the local network with passwords in case of an unauthorised access to the trusted area;
  • Protect infrastructure from threats like malware and hacking attacks with a reliable security solution;
  • Backup critical information regularly and keep a backup copy offline.

To learn more about security in the healthcare industry, please read Sergey Lozhkin’s detailed blogpost over at Securelist.

You can also fill in the online questionnaire on Kaspersky Labs’s IT Heath Check page to find out more about the state of the healthcare industry with regards to cybersecurity.’

Read 4105 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here


Thoughtworks presents XConf Australia, back in-person in three cities, bringing together people who care deeply about software and its impact on the world.

In its fifth year, XConf is our annual technology event created by technologists for technologists.

Participate in a robust agenda of talks as local thought leaders and Thoughtworks technologists share first-hand experiences and exchange new ways to empower teams, deliver quality software and drive innovation for responsible tech.

Explore how at Thoughtworks, we are making tech better, together.

Tickets are now available and all proceeds will be donated to Indigitek, a not-for-profit organisation that aims to create technology employment pathways for First Nations Peoples.

Click the button below to register and get your ticket for the Melbourne, Sydney or Brisbane event



It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.


Alex Zaharov-Reutt

Alex Zaharov-Reutt is iTWire's Technology Editor is one of Australia’s best-known technology journalists and consumer tech experts, Alex has appeared in his capacity as technology expert on all of Australia’s free-to-air and pay TV networks on all the major news and current affairs programs, on commercial and public radio, and technology, lifestyle and reality TV shows. Visit Alex at Twitter here.

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News