Software security group demonstrates how hackers can use ransomware to harm and potentially kill hospital patients
An anonymous member of the Kaspersky Lab research team has demonstrated how easy it is for cybercriminals to change how medical devices work, putting patients’ lives at risk and potentially costing hospitals hundreds of thousands of dollars.
Hackers have deployed malicious malware known as ransomware against hospitals in the United States and Canada in the last month. Ransomware works by blocking computers and preventing users from accessing vital information until they pay a ransom. Bitcoin is usually the kind of money demanded by pirates as it is difficult to trace.
Hospitals are an ideal target for ransomware because they offer intensive care and are based on the latest information from patient records. Without easy access to the medication to a patient, medical and family history, patient care can be blocked, which puts pressure on hospitals to succumb to the demands of hackers. Interference with the hospital patient endangers the lives of patients and care is considered low, even by pirate standards.
Why hospitals are a haven for piracy
Kaspersky Lab, an international group of security software, could introduce a hospital in an experiment to demonstrate that they could access hospital machines and patient data in turn. As a result, hackers can change patient information, resulting in the prescribing of potentially dangerous and free treatments.
Clinics and hospitals housing conventional advanced medical equipment based on functional computers with an operating system and various applications. As medical devices are expensive, difficult to repair and are not updated regularly, they are particularly susceptible to the malicious activity of hackers.
The anonymous expert said hackers could implement the Shodan search engine to search for specific medical devices connected to the Internet, including MRI scanners and defibrillators. Hackers could have easy access to healthcare products based on the obsolete operating system, such as Windows XP.
In particular, the software company has been able to access more medical devices that appear in Shodan, which do not require a password as the local network had confidence. When browsing the network, Kaspersky Lab discovered a “common shell” in the user interface of the device, allowing the attacker to obtain sensitive data from patients.