Ultrasound Machine Diagnosed with Major Security Gaps

Check Point researchers investigate security risks and point to implications for medical IoT devices.

Kelly Sheridan, Former Senior Editor, Dark Reading

March 8, 2019

3 Min Read
Dark Reading logo in a gray background | Dark Reading

RSA CONFERENCE 2019 – San Francisco – Vulnerabilities in connected medical devices could have massive implications for patients and the healthcare industry as a whole.

The Internet of Medical Things (IoMT) is poised to broaden the attack surface for healthcare organizations, according to Check Point experts. Eighty-seven percent of healthcare institutions are expected to use IoT technologies by the end of 2019, with nearly 650 million IoMT devices in use by 2020, states a new Check Point study. The study underscores the danger of what could happen if these devices are poorly secured.

IoT devices collect vast stores of data and are commonly built on outdated software and legacy operating systems. This makes them a simple gateway for cybercriminals, who could break in and move laterally across the target network.

Consider ultrasound technology. Researchers explain how "huge advancements" have been made to provide detailed health data to doctors and patients. Unfortunately, they report, this innovation hasn't made its way to the security of IT environments where ultrasound machines sit. To prove this point, they went "under the hood" of a real ultrasound device.

What they found was a tool running on Windows 2000. Like many IoMT devices, this no longer receives updates or patches, and leaves both the machine and its data exposed to intruders. It wasn't hard to exploit vulnerabilities and access its database of ultrasound images, they explain.

An attacker with this access could launch a ransomware campaign on the hospital system or swap patients' images. "Think how much chaos that can do in the hospital," said Oded Vanunu, head of product vulnerability research at Check Point, in an interview with Dark Reading here at the RSA Conference.

Cybercriminals may use health records to get pricey medical services and prescription medications; they may also gain access to government health benefits. Or they could sell it: The Ponemon Institute found healthcare breaches are most expensive, at $408 per record.

Healthcare organizations often don't have the budget for strong IT and security, Vanunu explained. "Hospitals are flat networks – from our perspective ... we think cybercrime will start to move to the weakest networks." It's happening already, he noted.

IoMT devices are in mass production, Vanunu continued, but nothing is being done to secure them. Because the device Check Point analyzed was running Windows 2000, exploiting it was simple. "We didn't use any sophisticated tools," Vanunu said. "No zero-day, no reverse-engineering vulnerability. Any beginner can exploit it."

Related Content:

 

 

Join Dark Reading LIVE for two cybersecurity summits at Interop 2019. Learn from the industry's most knowledgeable IT security experts. Check out the Interop agenda here.

About the Author

Kelly Sheridan

Former Senior Editor, Dark Reading

Kelly Sheridan was formerly a Staff Editor at Dark Reading, where she focused on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial services. Sheridan earned her BA in English at Villanova University. You can follow her on Twitter @kellymsheridan.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights