Nozomi Networks Labs announced research that uncovered numerous cybersecurity vulnerabilities in GE HealthCare (NASDAQ:GEHC) ultrasound technology.
The cybersecurity company provides OT and IoT security for critical infrastructure. It said it conducted research on the GE HealthCare Vivid family of ultrasound devices and the associated software. In total, Nozomi detected 11 vulnerabilities affecting several of the company's systems and software.
According to Nozomi's blog, the flaws could impact hospital workflows and the security of medical data. Patches and mitigations for the identified vulnerabilities are available on the GE HealthCare Product Security Portal.
Nozomi examined the GE HealthCare Vivid T9 ultrasound system and its preinstalled Common Service Desktop web application. It also investigated the EchoPAC software that accompanies this technology. The company identified the vulnerabilities through "a variety of attack vectors."
The study validated the ability to lock a Vivid T9 using proof-of-concept ransomware. After gaining physical access to the device and removing all Windows security protections (possible because they had gained full privileges), the researchers disrupted the device's logic while displaying an image on the screen demanding a ransom payment. A similar payload could also be executed against a physician's workstation running EchoPAC.
Moreover, Nozomi says that once attackers can execute code with full privileges on the target system, nothing prevents them from accessing and manipulating the patient data stored there.
Nozomi's points on the GE HealthCare ultrasound vulnerabilities
Nozomi said attacks on the ultrasound capabilities of primary health care facilities could have serious and multifaceted effects. Ultrasound infrastructure plays an important role in the diagnosis and monitoring of various medical conditions. Inability to access or use a device can delay important medical procedures, disrupt accurate diagnosis, and impede treatment.
Such attacks can also compromise patient confidentiality, leading to privacy violations and legal consequences for hospitals. Nozomi said attackers could misuse or sell the exposed patient data, posing a threat to personal information. Patients may also suffer because the accuracy of diagnosis and treatment plans may be compromised.
Nozomi said GE HealthCare confirmed that trained medical staff conducted a medical safety risk assessment in accordance with regulatory expectations. GE HealthCare maintains that any associated safety risks are controlled, acceptable or as low as possible.
However, cybersecurity companies note that ransomware attacks against healthcare providers have increased in recent years.
Within the past year, LivaNova has disclosed cybersecurity breaches that disrupted some of its information technology systems and business operations. This incident comes on the heels of another major medical technology company, Henry Schein, experiencing a similarly significant breach.
GE HealthCare did not respond to requests for comment. This story may be updated.