Upgrade medicals devices to shut the backdoor on ransomware attacks

The same MRI machines that reveal the inner workings of the human body can also expose healthcare professionals to lethal attacks by hackers who use medical devices to infect computer systems with ransomware.

 

More technology news: How do physicians care for the digitally isolated?

 

Ransomware-the insidious software that locks up data and enables hackers to demand financial payments to release it-has evolved during the past decade into a sophisticated, multi-billion dollar crime ring, as evidenced by the WannaCry attack this spring that affected 200,000 Microsoft Windows-based machines in more than 150 countries. And, according to a report released by the U.S. Department of Homeland Security, the healthcare field remains one of the richest targets for ransomware attacks because of its need for immediate access to patient records.  

But how does a ransomware infection make the leap from medical devices like MRIs into the heart of computer systems at healthcare facilities?

Cybercriminals gain entry through backdoors

Medical devices are often accessible outside of normal network logon requirements because manufacturers maintain separate, backdoor access for maintenance purposes. Cyber thieves manipulate this access point to gain initial entry into a computer network. Then, the malicious software can travel swiftly throughout the whole system when records from MRIs, CT machines, ultrasound and or x-rays are electronically passed around the medical staff, for example.

Regardless of the entry point, once they get in, hackers can wreak havoc on medical care, just as they did to the National Health Service in the UK during the WannaCry attack or at the Hollywood Presbyterian Hospital, which paid $17,000 in bitcoin to ransomware bandits who froze the data for more than a week in 2016.

 

Blog: What is the price of a medical record?

 

While WannaCry victims were running Windows 7, which still has security updates from Microsoft, , medical devices are even more vulnerable to ransomware attacks because they operate on older legacy systems such as Windows XP, which is no longer supported by Microsoft. Consequently, even if a medical facility protects its IT network, it remains vulnerable if a laptop connected to an MRI is still running on old software. In other words, cyberthieves can get into a system through the backdoor in a medical device, just like traditional robbers can find a way into homes when families leave on vacation and inadvertently lock up everything except the rear windows.

Internal server error