Suddenly you have a chest pain and you rush into the hospital, but everything seems fine after you get a checkup. You may think that pacemaker, which have been implanted in your body may be working properly, but quickly you get the message on your cell phone “If you want to live, pay us ransom or you will die. We have hacked your pacemaker”.
In derbyCon security conference, researcher Scott Erven and Mark Collao present their finding about medical devices; Pwnage & Honeypots. In conference, researchers simply showed how an attacker can simply find medical device connected to the internet through shodan search engine using terms like “radiology” or “x-ray machine”. According to Scott Erven, these devices are connected in the internet by design or by configuration error which make an attacker easy to steal data and safety issues of the user.
These medical devices are connected with the complex network of information technology system to share the information among, patients, doctor, nurse, insurance company, pharmacists, administrator and accountant with electronic health records. In medical industry, they prioritize their devices in high availability to know every detail of patients, which let the device vendor to put security in afterthought.
Scott Erven also found that patients/user is having bad security practice in using these devices as they won’t change the default password of these devices because the manufacturer won’t able to support them if default password changed. Which make their device vulnerable to the attacker.
Next being expensive data in black market medical data are priced as high as 10 times than financial and banking data which describe as “a rich new environment for a cyber criminal to exploit” by the FBI.
A report of 50,000 collected between September 2012 and October 2013 published by McAfee Labs shows
- 49,917 unique malicious events
- 723 unique malicious source IP addresses
- 375 U.S.-based compromised health care-related organizations
which shows in near future medical sector will be thrashed with ransomware.