The U.S. Food and Drug Administration (FDA) is raising awareness among health care providers and facility staff that cybersecurity vulnerabilities in certain GE Healthcare Clinical Information Central Stations and Telemetry Servers may introduce risks to patients while being monitored.
A security firm has identified several vulnerabilities in certain GE Healthcare Clinical Information Center workstations and Telemetry Servers, that may allow an attacker to remotely take control of the medical device and to silence alarms, generate false alarms and interfere with the function of patient monitors connected to these devices.
These devices are used mostly in healthcare facilities for displaying patient information, such as the physiologic parameters (such as temperature, heartbeat, blood pressure) of a patient, and monitoring patient status from a central location in a facility, such as a nurse’s workstation. To date, the FDA is not aware of any adverse events related to these vulnerabilities.
These vulnerabilities might allow an attack to happen undetected and without user interaction. Because an attack may be interpreted by the affected device as normal network communications, it may remain invisible to existing security measures.
For more information, visit https://tinyurl.com/FDA-GE-Cyber.
Read the official CISA Advisory (ICSMA-20-023-01).
*By entering your email address, you agree to receive emails regarding TechNation Magazine, Webinars, and Exclusive Promos.
© 2020, TechNation Magazine. Site designed by MD Publishing, Inc.