Today, GE Healthcare — in coordination with CyberMDX and CISA (formerly ICS-CERT) — publicly disclosed the discovery of six software design flaws affecting seven products in their popular CARESCAPE line. These flaws represent a significant cybersecurity risk and offer an open door to bad actors who might seek to disrupt hospital operations or steal valuable medical data.
Each year we take some time to look at the trends we see happening in hospital technology and transformation. It is instructive to study the patterns and disruptive pressures contributing to changes in the hospital industry.
Along with all its holiday cheer, this time of year always seems to bring a bounty of predictions as to what the industry will experience over the course of our next lap around the sun. Often, that flurry of articles and blog posts seems more motivated by click-bait than thoughtful industry analysis and ...
In the world of information security, each new year brings new opportunities for growth and learning. From new cyber threats and mitigations to new tools and techniques, there's no shortage of new information to assimilate, new skills to master, and new lessons to take.
In the world of information security, each new year brings new opportunities for growth and learning. From new cyber threats and mitigations to new tools and techniques, there's no shortage of new...
The healthcare industry has come a long way in terms of technological advancement. Healthcare IT systems, structures, and standards have transformed modern healthcare and provided hospitals with...
Healthcare is the most cyber-targeted industry, with a full third of all US data breaches happening in hospitals and the problem is only getting worse. 15,085,302 individual medical records were...
In 2004, Nema (the National Electrical Manufacturers Association), together with HIMSS (Health Information and Management Systems Society) and a number of other security experts and government...
It's already a well-known fact: cybersecurity constitutes a major challenge for connected healthcare operations, regardless of their unique organizational structures and processes. When each...
In the last several years, data breaches and cyber attacks on healthcare organizations have been in the news with alarming frequency.
This article is the final installment of a three-part series. We've already examined how those traits and trends converged around the principle of agility. Now, we'll discuss how the push for...
It’s only reasonable that access to sensitive medical devices should be restricted to those who require it. Physical access guidelines are designed to ensure that only professionals with the...
On August 13, 2019 Microsoft utilized “Patch Tuesday” to release 36 new CVEs. Of those vulnerabilities, four stand out for their striking similarity to the BlueKeep vulnerability that sent shock...
On July 29th, 2019, eleven vulnerabilities affecting the “VxWorks” Real Time Operating System (RTOS) were publicly disclosed. Since these vulnerabilities were all reported by the same source and...
Biomedical engineers are the unseen force behind some of modern medicine's greatest achievements. Biomedical engineers are at the forefront of exciting research and they are staples of day-to-day...
For the first time, on July 9, 2019, ICS-CERT disclosed a vulnerability specifically impacting anesthesia machines. If exploited, the vulnerability would allow an attacker to silence alarms, alter...
On June 18, 2019, Netflix researchers, together with MITRE, issued an advisory containing four vulnerabilities relating to how Linux handles TCP Selective-Acknowledgement (SACK) at the kernel...
For healthcare organizations, regulatory compliance is serious business. Non-compliance not only carries serious ethical implications and threatens the loss of public trust, but even from a purely...
On May 14, 2019, Microsoft published an advisory for a newly discovered remote code execution vulnerability. Given the identifier CVE-2019-0708, the vulnerability has been more popularly named...
Unless you’ve been living under a rock for the last 10 years, you’ve heard of the Internet of Things, or IoT as it’s commonly abbreviated. The subset of IoT belonging specifically to healthcare...
Today’s hospitals are centers of advanced technology, with upwards of several thousand medical devices and clinical assets under their roof. The US is home to 6,210 hospitals, each with 50 to 500...
Picture this: you're a doctor at Holy Mountain’s Heart & Vascular Center. You're running late. Rushing past a waiting room full of patients in need of care, you hurry to your office and unlock the...
The world is changing; and while there may never have been a time when that statement was not true, it seems particularly true today. Change these days seems to be a lot more aggressive and...
It’s been a year since Spectre and Meltdown — the hardware vulnerabilities discovered collaboratively by Google’s Project Zero and others — went public. Those vulnerabilities rightly garnered...
Subject to stringent regulatory regimes with considerable legacy complications hindering new infrastructure, technology, or processes — most hospitals are also saddled with significant...
Use of the Internet of Medical Things (IoMT) in hospitals is growing. IP addressable medical technologies help deliver personalized care more quickly, give healthcare professionals access to...
It seems that every day we hear about the need for more and better medical cybersecurity measures, but why? We don’t hear about the need for retailers to improve shoplifting prevention mechanisms....
Machine learning is totally transforming the healthcare industry; from how patient care is delivered, to how laboratory procedures are conducted, to diagnostics, all the way to how information...
By now, most of us are familiar with the “WannaCry” ransomware attack. This attack exploited a weakness in Microsoft's Windows operating system to encrypt files and render computers useless until...
I won't sugar coat it. Hospitals are seen by hackers as "soft" and valuable targets. The modern medical facility is connected to the internet in a multitude of ways.
Directed by Oscar-nominated filmmakers Kirby Dick and Amy Ziering, the new Netflix documentary, The Bleeding Edge, profiles five people who suffered horrendously when the medical devices on which...
Medical devices can be your best asset and your worst nightmare. X-ray machines, defibrillators, and other medical electronics are life-saving technologies, but they can also be easily hacked if...
