Freely subscribe to our NEWSLETTER

This wasn’t too alarming, since Rios hadn’t seen any way to actually change the dosage being administered itself. But then he kept on searching. He discovered that the same connection that exists in the pump allowing Hospira to access and update the device’s firmware, can also be accessed by hackers to upload a faulty update. The system doesn’t require authenticated and digitally signed updates. If you can update the firmware on the main board, you can make the pump do whatever you like.

Commenting on this rather scary story, Lancope CTO, TK Keanini, said:
“The Internet connects computers around the world, and these devices have transformed over the years. From giant systems that fill an entire room, to the Internet of Things, the Internet also connects us with cyber criminals; unfortunately, you will be a target of their activities, frequently without being aware. Now that practically every device we use – from printers to thermostats to medical equipment – is connected to the Internet, the security of ‘things’ has become a scarily large topic. In fact, by 2020, 26 billion objects will be connected to the internet. Unless we can quickly adapt to the Internet of Things, the next compromise will likely be on a massive scale and could affect the most intimate levels of our lives. Today you may tend to the security of maybe several devices. However, with the Internet of Things, you will add your car, all of the home and even medical devices as this story mentions. These talented bad guys will find a way to compromise the system and then you will need an update. Most people will never update these Internet of Things devices and herein lies the real issue. Securing a system is about constantly being able to adapt to the changing threat environment. We have a hard enough time updating all our current applications, now add 30 more devices from 10 different vendors and you see the problem.”