Drug pump is "most insecure" devices ever seen by researcher

[Permalink]

1 Like

That vendor needs to be clubbed like a baby seal for using telnet at all, much less dumping you to a root shell…

4 Likes

It may not be IP enabled, but it’ll get you high as a Georgia pine tree!

1 Like

Wish I’d known this when I was in hospital on morphine drip after an accident.

6 Likes

I worked at a company that sold devices to hospitals.
In order for them to be supported, they were networked. I ran into one that put devices on public IP’s in front of the firewall. Nothing that touched the patient, but they could and did have patient data.
This was a university hospital.

2 Likes

These devices are going to be pumping more spam than drugs.

2 Likes

I don’t understand - medical devices are so expensive partly because they require so much expensive certification before they’re allowed to be declared fit for human medical use. WTF is actually being “certified” if lethal garbage like this sails through all the certification checks and goes happily to market?!

8 Likes

Not killing or injuring the patient, and working reliably for years and years.

Which, yeah, are totally important, but if it CAN be hacked, someone will. Either take out the wifi stuff, or install security.

4 Likes

[quote=“Drew_G, post:8, topic:57027, full:true”]
Not killing or injuring the patient, and working reliably for years and years.[/quote]

Seems that this product fails on both of those counts - it’s open wireless means that it can kill/injure the patient, and similarly it means the reliability of its operation is zero.

Whoever is certifying this stuff isn’t doing their job.

2 Likes

i now know more than i should ~
fortunately , i have medicines and medical dispensation devices
for just such occasions ~

That sounds pretty hyperbolic to me. How many actual incidents of people hacking these devices and causing significant harm have there been so far? You’re treating this like a clear and present danger that makes injury a near certainty, when as far as I know, no attack like this has ever been tried in the real world.

I’m not sure how a product stops becoming “reliable” because it fails to stop something that’s never actually happened. Is it unreliable if it fails to prevent sasquatch attacks, too? I’m not saying this couldn’t eventually become a real threat, but I think you’re overstating the case crazily here.

1 Like

No, you’re totally correct of course. Defective products that just so happen to have not yet, publicly killed anybody should be left as is.

5 Likes

… the device was listening on Telnet port 23. Connecting to the device, he was brought immediately to a root shell account that gave him total, administrator level access to the pump. (emphasis added)

Regardless of whether anyone has hacked the device that we know about, (a) until this is fixed, anyone can hack the device; and (b) IT’S A DRUG PUMP.

hyperbole
hʌɪˈpəːbəli
noun
exaggerated statements or claims not meant to be taken literally.

Hyperbole? Not that I see.

3 Likes

Game consoles are vastly more secure, as are cell phones, almost everything that is viewed as hardware which runs software…

2 Likes

Was Ford Pinto a safe car before Those Crashes started happening?
Was the Comet a safe aircraft before the fatigue cracks reached the limit?

Might want to use a different example. The Pinto had a lower fatality rate than similar sized imported vehicle and the total rear impact fire death toll for over 3 million cars made was 27… The smoking gun document everyone said showed Ford knew about the problem was simply an internal document based on National Highway Traffic Safety Administration regulations and the value of a human life and had nothing to do with the Pinto.
Here is the source article published in Rutgers Law Review. The Pinto was just as safe as any compact car with a rear gas tank (the most common design at the time). The stories of hundreds of deaths which the news reported were actually just lies.

2 Likes

2 Likes

Good point, thanks. :smile: (It’s still however a good example of a known vulnerability that the vendor just leaves in.)

1 Like

Surprised I haven’t heard a claim that this feature was required by the ObamaCare death panels.

1 Like

Well, I suppose if there’s a situation where a patient’s life is at risk and some change urgently needs to be made to his device as soon as possible, the last thing you would want would be security to get in the way…? Yah, that will sell it.

1 Like