A study of medical equipment at a chain of health care facilities in the Midwest found drug infusion pumps that could be remotely controlled to alter dosages; Bluetooth enabled defibrillators that could be manipulated to deliver or prevent shocks; and electronic medical records with inadequate protections, leaving them vulnerable to alteration and theft. Many devices lacked access authentication requirements, and many had weak or hardcoded passwords. Of particular concern were embedded web services that let devices communicate with each other and deliver data to electronic medical records.
No comments:
Post a Comment