Over 20 Total Lots Up For Auction at One Location - TX Cleansweep 06/25

Some GE imaging systems vulnerable to hacking: Homeland Security

by Thomas Dworetzky, Contributing Reporter | March 21, 2018
Health IT X-Ray
The Department of Homeland Security issued a vulnerability alert March 13th for some GE Healthcare medical imaging product lines.

Independent researcher Scott Erven reached out to the DHS's Industrial Control Systems Cyber Emergency Response Team to warn of potential risks from use of default or hardcoded credentials in the products.

According to the alert a possibly "successful exploitation of this vulnerability” could let remote hackers get around authentication “and gain access to the affected devices."

Such a hack could pose big risks. Phil Curran, chief information assurance officer and chief privacy officer at Cooper University Health Care in Camden, New Jersey, told the site Gov Info Security of the ISMG Network that, "depending on what function the user ID/password provides within the code, the range goes from affecting how the device operates – a patient safety issue – to changing data integrity, to complete shutdown, to accessing patient information."

After being informed of the issue, GE reviewed “the capability to change passwords identified by the researcher within the product documentation", according to the ICS-CERT alert, "and users are advised to contact GE Service for assistance in changing passwords,"

The advisory also stated that a number of GE Healthcare devices are potentially impacted, including its Optima, Discovery, Revolution, Centricity, THUNIS, eNTEGRA, CADStream, GEMNet, Infinia, Millenium, Precision MP/i, and Xeleris lines.

GE Healthcare stated to ISMG that “We are working closely with customers to implement best practices for security, and supporting requests for assistance in changing passwords."

The advisory also noted that there are some updates from GE to address the default or hardcoded credentials, but not for the Optima 680, Revolution XQ/i, and THUNIS-800+ systems.

Moreover, the advisory listed a number of other defensive measures users could take to minimize the risk of exploitation of this vulnerability. Specifically, users should:

  • Close all unused ports on affected systems.

  • Where possible, discontinue or limit the use of non-product-related third-party software, such as email and web browser software on the affected system, which could broaden the attack surface of medical devices.

  • Ensure that affected systems have applied the most current vendor-issued patches available.

You Must Be Logged In To Post A Comment