Security flaw: “Smart” drug syringes found to be hackable
09/21/2017 // JD Heyes // Views

As if the safety and efficacy of some vaccines weren’t already in question, now technology is making syringes less safe as well.

“Smart” syringes, anyway.

As reported by the U.K.’s Daily Mail, smart syringes, which are wireless-controlled devices used to administer medications through IVs, are now subject to hacking and, thus, have become a danger to patients.

The U.S. Department of Homeland Security says it has found a vulnerability in an automatic syringe infusion pump that doctors, nurses, and medical staff utilize to administer medications and anesthesia in the hospital setting.

In an advisory, the department’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) said the there was a security flaw in one device called the Medfusion 4000 that would give hackers control over it, meaning they could ‘instruct’ the syringe to either withhold or speed up the delivery of medication. Either of those scenarios could lead to death.

“Successful exploitation of these vulnerabilities may allow a remote attacker to gain unauthorized access and impact the intended operation of the pump,” notes the warning. “Despite the segmented region, it may be possible for an attacker to compromise the communications module and the therapeutic module of the pump.”

Scott Gayou, a cyber security researcher, discovered at least eight vulnerabilities in the syringe, which is made by Smiths Medical. The company has said it plans to fix the flaws and will release a new version of its product next year. However, until then, DHS is warning hospitals to be on the lookout for any cyber tampering. (Related: Apple hopes to use 'big brother' software to change medicine.)

Brighteon.TV

“An attacker with high skill would be able to exploit these vulnerabilities,” said the DHS warning. “Successful exploitation of these vulnerabilities may allow a remote attacker to spoof or disrupt Transmission Control Protocol (TCP) connections, sniff sensitive account information, and gain unauthorized access to a current web session.”

Cyber security researchers say that six of the eight vulnerabilities pertain to issues involving authentication, hard-coded credentials, and certificate validation issues, any of which would allow a hacker to gain access to the device. Two others involve third-party elements, one of which would give a hacker “remote code execution” of the machine.

Medfusion 4000 units are in common use for critical care, neonatal, and pediatric patients. In each patient, medical dosing is crucial but that is especially true for newborns because even the slightest error can be fatal.

The devices were developed as replacements for manual dosing, and are said to be a much safer, surer way to deliver medications intravenously.

Smiths Medical, which is a British firm, released a statement outlining the security flaws.

“The possibility of this exploit taking place in a clinical setting is highly unlikely, as it requires a complex and an unlikely series of conditions,” the company's chief technology officer, Brett Landrum, wrote in a letter addressed to, “Dear Valued Customer. “I sincerely apologize for this inconvenience.”

As the “Internet of Things” spreads quickly to the medical industry, multiple wireless devices are now at risk of being hacked. For instance, the Daily Mail noted further, in August cyber security researchers discovered that more than 465,000 patients who had St. Jude pacemakers were at risk of hacks that could prove fatal, necessitating a risky “software update.”

The implanted devices, which are about the size of a matchbox, run on their own software and are designed to keep a person’s heart beating normally. In addition, they transmit data to monitoring cardiologists and physicians and trigger an alarm when there is a problem.

The maker of St. Jude, Abbott Laboratories, sent letters to thousands of clients warning them of the flaw and that there is nothing they can do on their own to protect their pacemakers from being hacked.

In addition to hacking, ransomware can also be used to potentially cause patient death in hospitals.

J.D. Heyes is a senior writer for NaturalNews.com and NewsTarget.com, as well as editor of The National Sentinel.

Sources include:

DailyMail.co.uk

NaturalNews.com



Take Action:
Support Natural News by linking to this article from your website.
Permalink to this article:
Copy
Embed article link:
Copy
Reprinting this article:
Non-commercial use is permitted with credit to NaturalNews.com (including a clickable link).
Please contact us for more information.
Free Email Alerts
Get independent news alerts on natural cures, food lab tests, cannabis medicine, science, robotics, drones, privacy and more.
App Store
Android App
eTrust Pro Certified

This site is part of the Natural News Network © 2022 All Rights Reserved. Privacy | Terms All content posted on this site is commentary or opinion and is protected under Free Speech. Truth Publishing International, LTD. is not responsible for content written by contributing authors. The information on this site is provided for educational and entertainment purposes only. It is not intended as a substitute for professional advice of any kind. Truth Publishing assumes no responsibility for the use or misuse of this material. Your use of this website indicates your agreement to these terms and those published here. All trademarks, registered trademarks and servicemarks mentioned on this site are the property of their respective owners.

This site uses cookies
Natural News uses cookies to improve your experience on our site. By using this site, you agree to our privacy policy.
Learn More
Close
Get 100% real, uncensored news delivered straight to your inbox
You can unsubscribe at any time. Your email privacy is completely protected.