White Hat Hackers Hit 12 American Hospitals To Prove Patient Life 'Extremely Vulnerable'

Thomas Fox-Brewster | Forbes | February 23, 2016

A two-year research project into the security of 12 hospitals and a variety of medical technologies has concluded that patient health is “extremely vulnerable” to digital attacks. The report, shown to FORBES ahead of publication today, comes from Independent Security Evaluators (ISE), a San Diego-based security outfit that formed out of Johns Hopkins more than a decade ago.

Hollywood Presbyterian Medical Center - Wikimedia Commons

Its research involved attacking medical organizations in controlled settings, including compromises of patient monitoring systems, check-in kiosks and drug dispensers, the latter taking place after infections via USB sticks left around hospital premises. Those attacks, if they had been carried out by malicious hackers, would have ended in patient injury or death, the study concluded.

The researchers claimed their work, which saw them collaborate with healthcare entities and interview current and former employees of hospitals, showed an “industry in turmoil”. This was down to a “drastic lack of funding”, use of vulnerable technologies, a skills shortage and a widespread misunderstanding of threats to healthcare bodies. Hackers could “easily” compromise patient health, whether through theft of their data or by compromising medical data, the report claimed...