DOTmed Home MRI Oncology Ultrasound Molecular Imaging X-Ray Cardiology Health IT Business Affairs
News Home Parts & Service Operating Room CT Women's Health Proton Therapy Endoscopy HTMs Mobile Imaging
Current Location:
> This Story

starstarstarstarstar (1)
Log in or Register to rate this News Story
Forward Printable StoryPrint Comment



Cyber Security Homepage

At HIMSS, lessons from the front lines of the WannaCry cyber attack How providers became an 'accidental target' of hackers, and what to do about it

Siemens, IBM and others join charter to improve cybersecurity Trust outlines ten areas where governments and businesses can reduce threats

Report: Over 5.5 million breaches of patient records reported in 2017 Insider threats made up 37 percent of breaches

Survey: more than 8 in 10 providers lack cybersecurity leadership Only 11 percent plan to recruit a cybersecurity officer in 2018

Email-related cyberattacks hit 78 percent of providers says survey Email rated most at risk for potential data breaches

Survey finds 4 in 5 U.S. physicians have been hit with a cyberattack HIPAA compliance alone is not cutting it

Experts discuss cybersecurity threats and tips at RSNA Ransomware revenue has increased from $24 million to $1 billion in one year

At RSNA, HIMSS expert shares tips to prevent cyber attacks Annual cybersecurity awareness training is not enough

A new threat tops ECRI's annual health tech hazards list Some familiar concerns did not make the cut this year

Cybersecurity bill for medical devices proposed to US House of Representatives Public-private partnership to create protection framework

Hacking vulnerability in Siemens PET/CT scanners

by Thomas Dworetzky , Contributing Reporter
Some Siemens PET/CT scanners are vulnerable to hacking, both the company and the Department of Homeland Security's Industrial Control System Computer Emergency Response Team (ICS-CERT) have advised.

“Exploits that target these vulnerabilities are publicly available,” the ICS-CERT advisory noted, adding that, “an attacker with low skill would be able to exploit these vulnerabilities.”

Story Continues Below Advertisement

The (#1 Resource) for Medical Imaging and Peripherals. Call 1-949-273-8000

As a Master Distributor for major brands Barco, Philips, and Sony, we offer custom imaging solutions. With our renowned OEM Solutions and Service/Repair Center, Ampronix is a one-stop shop for HD Medical LCD Displays--Printers--Recorders--4K Cameras

Four vulnerabilities have been identified, linked to the fact that the products run Windows 7.

The company stated that it is readying updates to fix these soft spots, which can be “exploited remotely.”

The products involved included all Windows 7-based versions of Siemens PET/CT Systems, SPECT/CT Systems, and SPECT Systems, and Siemens SPECT Workplaces/

According to Siemens, among the vulnerabilities is one whereby a remote attacker could execute arbitrary code by sending specially crafted HTTP requests to the Microsoft web server of affected devices.

This allows code injection onto other devices.

The other three bugs are in the HP Client Automation Service software that manages software in the various systems. This permits the attacker to override access controls and change permissions, giving access to other “privileged” parts of the system.

Siemens Healthineers advises that the molecular imaging products be run on a dedicated network segment in a protected IT environment.

If this cannot be done, then the company advised running devices in standalone mode.

In addition it recommended that users “reconnect the product only after the provided patch or remediation is installed on the system.”

It noted that it is much faster to patch systems that are Remote Update Handling (RUH) enabled by remote software distribution, compared to onsite visits, and advised customers to contact the Customer Care Center to clarify the situation concerning patch availability and remaining risk in the local customer network. This may allow them to reconnect the devices to get the updates.

This vulnerability is just the latest in an ongoing drumbeat of cybersecurity issues that are a growing challenge in the health care industry.

Cyber Security Homepage

You Must Be Logged In To Post A Comment

Increase Your
Brand Awareness
Auctions + Private Sales
Get The
Best Price
Buy Equipment/Parts
Find The
Lowest Price
Daily News
Read The
Latest News
Browse All
DOTmed Users
Ethics on DOTmed
View Our
Ethics Program
Gold Parts Vendor Program
Receive PH
Gold Service Dealer Program
Receive RFP/PS
Healthcare Providers
See all
HCP Tools
A Job
Parts Hunter +EasyPay
Get Parts
Recently Certified
View Recently
Certified Users
Recently Rated
View Recently
Certified Users
Rental Central
Rent Equipment
For Less
Sell Equipment/Parts
Get The
Most Money
Service Technicians Forum
Find Help
And Advice
Simple RFP
Get Equipment
Virtual Trade Show
Find Service
For Equipment
Access and use of this site is subject to the terms and conditions of our LEGAL NOTICE & PRIVACY NOTICE
Property of and Proprietary to, Inc. Copyright ©2001-2018, Inc.