MENU

US finds backdoor in medical equipment

US finds backdoor in medical equipment

Business news |
By Nick Flaherty



The Food and Drug Administration (FDA) in the US has found cybersecurity vulnerabilities including a backdoor, in a medical patient monitor.

The backdoors in the CMS8000 patient monitor and its re-badged version, the Epsimed MN-120,  may put patients at risk after being connected to the internet. These are made by established manufacturer Contec in Qinhuangdao, China, which is one of the largest bases for R&D and manufacturer of medical devices in China.

Three cybersecurity vulnerabilities have been identified where the patient monitor may be remotely controlled and modified by an unauthorised user. The backdoor means that the device or the network to which the device has been connected could be compromised.

Once the monitor is connected to the internet, the backdoor gathers patient data, including personally identifiable information (PII) and protected health information (PHI), and sends it outside of the health care delivery environment.

Security is an increasingly important element of the trade war between the US and China, with the US proposing to ban connected vehicles by Chinese manufacturers.

The cybersecurity vulnerabilities, including the backdoor, can bypass cybersecurity controls, gaining access to and potentially manipulating the device and the US authorities recommend only using the equipment in local mode without a connection to the Internet.

www.contecmed.com

 

 

If you enjoyed this article, you will like the following ones: don't miss them by subscribing to :    eeNews on Google News

Share:

Linked Articles
10s