MEDICAL imaging machines running outdated software like Windows 2000 can give hackers control of sensitive patient information that can cost hospitals millions of dollars in ransom, according to an industry report.
Cyberterrorists who gain entry to hospitals and their networks can easily connect to ultrasound imaging devices running old software that are often used to monitor pregnancies and other conditions, security specialist Check Point Software Technologies said on Thursday. From there, gaining access to personal details and images is simple, the report said.
Attacks like the 2017 WannaCry ransomware virus that hit computers in at least 100 countries spurred Check Point to investigate hackers' potential techniques. That virus spread mainly through programs that lacked recent security updates, and cost the UK's National Health Service alone some £92 million (S$164 million) in lost output and information technology costs, according to a report last year from the Department of Health & Social Care.
"We wanted to show how this could happen," said Gil Messing, a spokesman for Check Point, emphasising that the issue was not with the devices or the manufacturers but with the outdated software.
Vulnerability can stem from health devices running on software so old that there are no patches or updates, the report said. Solutions include better encryption of the files, employment of more advanced, comprehensive security solutions, and separating patient data from IT networks, Check Point said in a blog post. BLOOMBERG