• Log In
  • Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Home
  • About
  • Structure
  • Gradebook

ITACS 5211: Introduction to Ethical Hacking

Wade Mackey

DEF CON 2018: Hacking Medical Protocols to Change Vital Signs

September 8, 2018 by Raaghav Sharma 1 Comment

Doug McKee, senior security researcher at McAfee’s Advanced Threat Research team, has discovered a weakness that allows data on the patient’s condition to be modified by an attacker in real-time, to provide false information to medical personnel.

Medical devices use RWHAT protocol, to monitor a patient’s condition and vital signs. Using a small Raspberry device he could trick the nurse’s station monitor into thinking it’s communicating with something other than what it is.

The best defense for a hospital is to ensure that its networks are properly set up and isolated, and that devices are patched and that default passwords are changed.

https://threatpost.com/def-con-2018-hacking-medical-protocols-to-change-vital-signs/134967/

Filed Under: Week 02: TCP/IP and Network Architecture Tagged With:

Reader Interactions

Comments

  1. Ruby(Qianru) Yang says

    December 6, 2018 at 4:09 pm

    Hi Raaghav, interesting to know the weakness that allows data on the patient’s condition to be modified by an attacker in real-time, to provide false information to medical personnel. Further, researcher found that a lack of authentication also allows rogue devices to be placed onto the network and mimic patient monitors.

    Log in to Reply

Leave a Reply Cancel reply

You must be logged in to post a comment.

Primary Sidebar

Weekly Discussions

  • Uncategorized (14)
  • Week 01: Overview (7)
  • Week 02: TCP/IP and Network Architecture (18)
  • Week 03: Reconnaisance (17)
  • Week 04: Vulnerability Scanning (19)
  • Week 05: System and User Enumeration (17)
  • Week 06: Sniffers (17)
  • Week 07: NetCat and HellCat (15)
  • Week 08: Social Engineering, Encoding and Encryption (21)
  • Week 09: Malware (14)
  • Week 10: Web Application Hacking (17)
  • Week 11: SQL Injection (15)
  • Week 12: Web Services (25)
  • Week 13: Evasion Techniques (8)
  • Week 14: Review of all topics (15)

Copyright © 2025 · Magazine Pro Theme on Genesis Framework · WordPress · Log in