Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hackers Penetrate Top Medical Device Makers

Posted by samzenpus on from the lets-have-a-look dept.

An anonymous reader writes "Hackers have penetrated the computer networks of the country's top medical device makers, The Chronicle has learned. The attacks struck Medtronic, the world's largest medical device maker, Boston Scientific and St. Jude Medical sometime during the first half of 2013 and might have lasted as long as several months, according to a source close to the companies."

7 of 76 comments (clear)

  1. Take what they can get by cold+fjord · · Score: 4, Interesting

    I imagine they'll take what they can get: IP, personal data, or just more computers to control.

    If it really is China as suggested in the article that could make sense. China's population is going to be aging, and medical devices would be handy for either internal use or for another technology to develop and market.

    This is interesting (FTA): "The medical device makers were not aware of the intrusions until federal authorities contacted them, and they have formed task forces to investigate the breach, he said."

    Who do you suppose noticed the breaches, and how?

    --
    much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
    1. Re:Take what they can get by ebno-10db · · Score: 3, Funny

      Many of these device companies have network access/business agreements with healthcare providers around the nation.

      Hence the real reason that the federal government is concerned. They're afraid that the intruders will use that network access to reduce outstanding medical bills to reasonable levels.

    2. Re:Take what they can get by Hal_Porter · · Score: 3, Funny

      Who do you suppose noticed the breaches, and how?

      If the machine next to your hospital bed displays a laughing skull and starts playing mod tunes whilst demanding you pay by credit card to an account in Russia to avoid being "pwned by l33tgr0up" that is likely not a good sign.

      --
      echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
  2. Re: Response by DoofusOfDeath · · Score: 5, Funny

    When I hear about stuff like this, I'm ashamed of the savage thoughts and desires I feel towards the perpetrators.

    Do you want to lick them?

    No, I want to make them use Slashdot Beta.

  3. New Level of Ransomware by Akratist · · Score: 3, Interesting

    Someone probably already wrote a sci-fi story along these lines, but I can easily see someone with an artificial heart, pacemaker, or some other medical device getting a phone call threatening to shut their thing off unless they make an extortion payment. While I think most of these are air gapped at the moment, it's inevitable that they will become more interconnected, especially as a means of delivering diagnostic information (aka "heartbeats", heh), at which point it will be possible to run exploits against them. Even if a person's devices aren't experiencing a legit attack, I can also see plenty of people being scared into coughing up dough because they won't know any better.

  4. This is what you get.... by Lumpy · · Score: 5, Insightful

    When you think of IT as that annoying office of geeks you have to tolerate in the company.

    They are your first line of defense, when they ask for something you GIVE IT TO THEM.

    --
    Do not look at laser with remaining good eye.
  5. Internet of Things by JCHerbsleb · · Score: 3, Informative

    Welcome to the Internet of Things. Now, IT Security is not simply a venue to stop embarrassment (website defacements), disruption (DDoS), and exposure (SQLi), but potentially a life and death issue. Disruption of a pacemaker, insulin pump, etc. can have a very real impact. Perhaps a modern day "Pinto" incident will change the view of IT Security from an expense item to a necessary partner.