Security News Hackers Can Falsify Patient Vitals

LASER_oneXM

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
Content source
https://www.bleepingcomputer.com/news/security/hackers-can-falsify-patient-vitals/
Hackers can falsify patients' vitals by emulating data sent from medical equipment clients to central monitoring systems, a McAfee security researcher revealed over the weekend at the DEF CON 26 security conference.

The research, available here, takes advantage of a weak communications protocol used by some patient monitoring equipment to send data to a central monitoring station.

Attack possible because of Rwhat protocol

McAfee security researcher Douglas McKee says he was able to reverse engineer this protocol, create a device that emulates patients vitals, and send incorrect information to a central monitoring station.
This attack required physical access to the patient, as the attacker needed to disconnect the patient monitoring client and replace it with his own device that feeds incorrect patient vitals to the central station monitored by medical professionals.
But McKee also devised another method of feeding central monitoring stations without needing to disconnect the patient monitoring client.
A variation of the attack requires the attacker to be on the same network as the patient monitoring client in order to ARP spoof the central monitoring station.
Click to expand...
 
  • Like
Reactions: vtqhtr413, In2an3_PpG and harlan4096
ZeroDay

ZeroDay

Level 30
Verified
Top Poster
Well-known
Aug 17, 2013
1,905
Thanks for the share. Anyone that actually does this needs locking up for life and some serious therapy. There's hacking and then there's playing with someone's life like it's a game.
 
  • Like
Reactions: LASER_oneXM, vtqhtr413 and In2an3_PpG
In2an3_PpG

In2an3_PpG

Level 18
Verified
Top Poster
Content Creator
Well-known
Nov 15, 2016
867
ZeroDay said:
Thanks for the share. Anyone that actually does this needs locking up for life and some serious therapy. There's hacking and then there's playing with someone's life like it's a game.
Click to expand...

Therapy doesn't work. How about death? Or too harsh? I am not much for life imprisonment.
 
  • Like
Reactions: vtqhtr413 and ZeroDay
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • Wow
    • +Reputation
    • Thanks
Security News Healthcare software provider data breach impacts 2.7 million
Replies
2
Views
1,189
Security News
Jonny Quest
Jonny Quest
Gandalf_The_Grey
    • Wow
    • +Reputation
    • Like
Ransomware gang steals data of 5.8 million PharMerica patients
Replies
0
Views
846
News Archive
Gandalf_The_Grey
Gandalf_The_Grey
Gandalf_The_Grey
    • Wow
    • Like
    • +Reputation
California medical group data breach impacts 3.3 million patients
Replies
1
Views
582
News Archive
upnorth
upnorth

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top