DOTmed Home MRI Oncology Ultrasound Molecular Imaging X-Ray Cardiology Health IT Business Affairs
News Home Parts & Service Operating Room CT Women's Health Proton Therapy Endoscopy HTMs Mobile Imaging
SEARCH
Current Location:
>
> This Story

starstarstarstarstar (1)
Log in or Register to rate this News Story
Forward Printable StoryPrint Comment

 

 

Cyber Security Homepage

Blockchain-based cryptocurrencies vulnerable to growing cyberattacks Report from McAfee highlights emerging online dangers

Secure texting to become top mode for patient data exchange, says survey 94 percent of physicians see mobile technology as improving patient data exchange

Nearly 1.13 million patient records breached in first quarter of 2018 More than 77 percent perpetrated by healthcare employees sifting through family records

Nuvolo bridges gap between clinical engineering and IT Launches new Medical Device Cyber Security Platform

At HIMSS, lessons from the front lines of the WannaCry cyber attack How providers became an 'accidental target' of hackers, and what to do about it

Siemens, IBM and others join charter to improve cybersecurity Trust outlines ten areas where governments and businesses can reduce threats

Report: Over 5.5 million breaches of patient records reported in 2017 Insider threats made up 37 percent of breaches

Survey: more than 8 in 10 providers lack cybersecurity leadership Only 11 percent plan to recruit a cybersecurity officer in 2018

Email-related cyberattacks hit 78 percent of providers says survey Email rated most at risk for potential data breaches

Survey finds 4 in 5 U.S. physicians have been hit with a cyberattack HIPAA compliance alone is not cutting it

Hacking vulnerability in Siemens PET/CT scanners

by Thomas Dworetzky , Contributing Reporter
Some Siemens PET/CT scanners are vulnerable to hacking, both the company and the Department of Homeland Security's Industrial Control System Computer Emergency Response Team (ICS-CERT) have advised.

“Exploits that target these vulnerabilities are publicly available,” the ICS-CERT advisory noted, adding that, “an attacker with low skill would be able to exploit these vulnerabilities.”

Story Continues Below Advertisement

THE (LEADER) IN MEDICAL IMAGING TECHNOLOGY SINCE 1982. SALES-SERVICE-REPAIR

Special-Pricing Available on Medical Displays, Patient Monitors, Recorders, Printers, Media, Ultrasound Machines, and Cameras.This includes Top Brands such as SONY, BARCO, NDS, NEC, LG, EDAN, EIZO, ELO, FSN, PANASONIC, MITSUBISHI, OLYMPUS, & WIDE.



Four vulnerabilities have been identified, linked to the fact that the products run Windows 7.

The company stated that it is readying updates to fix these soft spots, which can be “exploited remotely.”

The products involved included all Windows 7-based versions of Siemens PET/CT Systems, SPECT/CT Systems, and SPECT Systems, and Siemens SPECT Workplaces/Symbia.net.

According to Siemens, among the vulnerabilities is one whereby a remote attacker could execute arbitrary code by sending specially crafted HTTP requests to the Microsoft web server of affected devices.

This allows code injection onto other devices.

The other three bugs are in the HP Client Automation Service software that manages software in the various systems. This permits the attacker to override access controls and change permissions, giving access to other “privileged” parts of the system.

Siemens Healthineers advises that the molecular imaging products be run on a dedicated network segment in a protected IT environment.

If this cannot be done, then the company advised running devices in standalone mode.

In addition it recommended that users “reconnect the product only after the provided patch or remediation is installed on the system.”

It noted that it is much faster to patch systems that are Remote Update Handling (RUH) enabled by remote software distribution, compared to onsite visits, and advised customers to contact the Customer Care Center to clarify the situation concerning patch availability and remaining risk in the local customer network. This may allow them to reconnect the devices to get the updates.

This vulnerability is just the latest in an ongoing drumbeat of cybersecurity issues that are a growing challenge in the health care industry.

Cyber Security Homepage


You Must Be Logged In To Post A Comment

Advertise
Increase Your
Brand Awareness
Auctions + Private Sales
Get The
Best Price
Buy Equipment/Parts
Find The
Lowest Price
Daily News
Read The
Latest News
Directory
Browse All
DOTmed Users
Ethics on DOTmed
View Our
Ethics Program
Gold Parts Vendor Program
Receive PH
Requests
Gold Service Dealer Program
Receive RFP/PS
Requests
Healthcare Providers
See all
HCP Tools
Jobs/Training
Find/Fill
A Job
Parts Hunter +EasyPay
Get Parts
Quotes
Recently Certified
View Recently
Certified Users
Recently Rated
View Recently
Certified Users
Rental Central
Rent Equipment
For Less
Sell Equipment/Parts
Get The
Most Money
Service Technicians Forum
Find Help
And Advice
Simple RFP
Get Equipment
Quotes
Virtual Trade Show
Find Service
For Equipment
Access and use of this site is subject to the terms and conditions of our LEGAL NOTICE & PRIVACY NOTICE
Property of and Proprietary to DOTmed.com, Inc. Copyright ©2001-2018 DOTmed.com, Inc.
ALL RIGHTS RESERVED