Imagine getting misdiagnosed by your doctor because a hacker altered your medical record.
In an episode on the popular television series "Homeland," a terrorist remotely manipulated a defibrillator implanted inside the chest of the U.S. Vice President, played by actor Jamey Sheridan. That could happen in real life.
Scott Erven, an information security officer for Essentia Health, a health company that operates roughly 100 facilities in the U.S., discovered that hospital equipments can be remotely controlled.
In his two years of research, Erven found out that devices such as drug infusion pumps, defibrillators, and X-rays can be breached by a skillful hacker. Even refrigerators storing blood and drugs can be reset. And, worst of all, digital medical records can be changed.
“Many hospitals are unaware of the high risk associated with these devices,” Erven told Wired's Kim Zetter in an interview. “Even though research has been done to show the risks, health care organizations haven’t taken notice. They aren’t doing the testing they need to do and need to focus on assessing their risks.”
However, Erven did not disclose the manufacturers of the hospital equipments. But he added that many devices had security loopholes such as weak passwords and embedded web servers that are easy to hack. You can read the rest of the report on Wired.