DOTmed Home MRI Oncology Ultrasound Molecular Imaging X-Ray Cardiology Health IT Business Affairs
News Home Parts & Service Operating Room CT Women's Health Proton Therapy Endoscopy HTMs Mobile Imaging
Current Location:
> This Story

starstarstarstarstar (1)
Log in or Register to rate this News Story
Forward Printable StoryPrint Comment



Cyber Security Homepage

Survey finds 4 in 5 US physicians have been hit with a cyberattack HIPAA compliance alone is not cutting it

Experts discuss cybersecurity threats and tips at RSNA Ransomware revenue has increased from $24 million to $1 billion in one year

At RSNA, HIMSS expert shares tips to prevent cyber attacks Annual cybersecurity awareness training is not enough

A new threat tops ECRI's annual health tech hazards list Some familiar concerns did not make the cut this year

Cybersecurity bill for medical devices proposed to US House of Representatives Public-private partnership to create protection framework

RefleXion Medical selects MedCrypt to secure its new radiotherapy technology Updated FDA guidelines put cybersecurity at forefront

Georgia Biomedical Instrumentation Society held its third annual conference and expo Organization takes aim at cybersecurity, device integration and much more

Abbott updates cybersecurity features for 465,000 pacemakers Follows criticism from U.S. health regulators

Homeland Security warns that Philips DoseWise Portal has security vulnerabilities New update mitigates the risk of hacking

Three methods for combating 3-D printer cyberattacks CT scanners and Raman spectroscopy used to examine 3-D printed objects for cyberattacks

Hacking vulnerability in Siemens PET/CT scanners

by Thomas Dworetzky , Contributing Reporter
Some Siemens PET/CT scanners are vulnerable to hacking, both the company and the Department of Homeland Security's Industrial Control System Computer Emergency Response Team (ICS-CERT) have advised.

“Exploits that target these vulnerabilities are publicly available,” the ICS-CERT advisory noted, adding that, “an attacker with low skill would be able to exploit these vulnerabilities.”

Story Continues Below Advertisement

CT, MRI, NM, SPECT/CT, PET & PET/CT service, refurbished systems and parts

Accelerate your ROI with our Black Diamond Certified refurbished systems. One year warranty - ISO 13485 Certified - FDA registered - Over 65k parts in inventory

Four vulnerabilities have been identified, linked to the fact that the products run Windows 7.

The company stated that it is readying updates to fix these soft spots, which can be “exploited remotely.”

The products involved included all Windows 7-based versions of Siemens PET/CT Systems, SPECT/CT Systems, and SPECT Systems, and Siemens SPECT Workplaces/

According to Siemens, among the vulnerabilities is one whereby a remote attacker could execute arbitrary code by sending specially crafted HTTP requests to the Microsoft web server of affected devices.

This allows code injection onto other devices.

The other three bugs are in the HP Client Automation Service software that manages software in the various systems. This permits the attacker to override access controls and change permissions, giving access to other “privileged” parts of the system.

Siemens Healthineers advises that the molecular imaging products be run on a dedicated network segment in a protected IT environment.

If this cannot be done, then the company advised running devices in standalone mode.

In addition it recommended that users “reconnect the product only after the provided patch or remediation is installed on the system.”

It noted that it is much faster to patch systems that are Remote Update Handling (RUH) enabled by remote software distribution, compared to onsite visits, and advised customers to contact the Customer Care Center to clarify the situation concerning patch availability and remaining risk in the local customer network. This may allow them to reconnect the devices to get the updates.

This vulnerability is just the latest in an ongoing drumbeat of cybersecurity issues that are a growing challenge in the health care industry.

Cyber Security Homepage

You Must Be Logged In To Post A Comment

Increase Your
Brand Awareness
Auctions + Private Sales
Get The
Best Price
Buy Equipment/Parts
Find The
Lowest Price
Daily News
Read The
Latest News
Browse All
DOTmed Users
Ethics on DOTmed
View Our
Ethics Program
Gold Parts Vendor Program
Receive PH
Gold Service Dealer Program
Receive RFP/PS
Healthcare Providers
See all
HCP Tools
A Job
Parts Hunter +EasyPay
Get Parts
Recently Certified
View Recently
Certified Users
Recently Rated
View Recently
Certified Users
Rental Central
Rent Equipment
For Less
Sell Equipment/Parts
Get The
Most Money
Service Technicians Forum
Find Help
And Advice
Simple RFP
Get Equipment
Virtual Trade Show
Find Service
For Equipment
Access and use of this site is subject to the terms and conditions of our LEGAL NOTICE & PRIVACY NOTICE
Property of and Proprietary to, Inc. Copyright ©2001-2017, Inc.