Doug McKee, senior security researcher at McAfee’s Advanced Threat Research team, has discovered a weakness that allows data on the patient’s condition to be modified by an attacker in real-time, to provide false information to medical personnel.
Medical devices use RWHAT protocol, to monitor a patient’s condition and vital signs. Using a small Raspberry device he could trick the nurse’s station monitor into thinking it’s communicating with something other than what it is.
The best defense for a hospital is to ensure that its networks are properly set up and isolated, and that devices are patched and that default passwords are changed.
https://threatpost.com/def-con-2018-hacking-medical-protocols-to-change-vital-signs/134967/
Ruby(Qianru) Yang says
Hi Raaghav, interesting to know the weakness that allows data on the patient’s condition to be modified by an attacker in real-time, to provide false information to medical personnel. Further, researcher found that a lack of authentication also allows rogue devices to be placed onto the network and mimic patient monitors.