Researchers: Thousands of Medical Devices Are Vulnerable To Hacking

itwbennett writes: At the DerbyCon security conference, researchers Scott Erven and Mark Collao explained how they located Internet-connected medical devices by searching for terms like 'radiology' and 'podiatry' in the Shodan search engine. Some systems were connected to the Internet by design, others due to configuration errors. And much of the medical gear was still using the default logins and passwords provided by manufacturers. 'As these devices start to become connected, not only can your data gets stolen but there are potential adverse safety issues,' Erven said.

Re:well, of course

It's not a vendor issue. Hospitals/practices should be using segregation in their networks, e.g.: VLANs. While there are use cases for accessing various medical equipment within the confines of the hospital/practice (monitoring, alarms, etc.) there's no reason they need access to the open internet.