"Vulnerabilities in Over 100k Medical Infusion Pumps"

Security researchers at Palo Alto Network's Unit 42 have discovered that most smart medical infusion pumps have known security gaps that make them vulnerable to hackers.  Smart infusion pumps are network-connected medication delivery devices that use a combination of computer technology and drug libraries to administer medications and fluids to patients while limiting the potential for dosing errors.  The researchers reviewed crowdsourced data from scans of more than 200,000 infusion pumps on the networks of hospitals and other healthcare organizations.  Security gaps were detected in 75% of the scanned medical devices.  The security researchers noted that the most striking finding was that 52% of all infusion pumps scanned were susceptible to two known vulnerabilities that were disclosed in 2019, one with a "critical" severity score and the other with a "high" severity score.  The researchers stated that regulation needs to step in to make vendors and providers ensure that the connected devices used for delivering care meet a minimum standard for security.  The researchers noted that devices that can't be updated need to be replaced.

Infosecurity reports: "Vulnerabilities in Over 100k Medical Infusion Pumps"