Hackers can falsify patients' vitals by emulating data sent from medical equipment clients to central monitoring systems, a McAfee security researcher revealed over the weekend at the DEF CON 26 security conference.
The research, available
here, takes advantage of a weak communications protocol used by some patient monitoring equipment to send data to a central monitoring station.
Attack possible because of Rwhat protocol
McAfee security researcher Douglas McKee says he was able to reverse engineer this protocol, create a device that emulates patients vitals, and send incorrect information to a central monitoring station.
This attack required physical access to the patient, as the attacker needed to disconnect the patient monitoring client and replace it with his own device that feeds incorrect patient vitals to the central station monitored by medical professionals.
But McKee also devised another method of feeding central monitoring stations without needing to disconnect the patient monitoring client.
A variation of the attack requires the attacker to be on the same network as the patient monitoring client in order to ARP spoof the central monitoring station.