Cybersecurity firm finds vulnerabilities in GE HealthCare ultrasound
Nozomi Networks Labs says research unearthed a number of cyber vulnerabilities with ultrasound technology from GE HealthCare (Nasdaq: GEHC).
The cybersecurity firm provides OT & IoT security for critical infrastructure. It said it conducted research on a device from the GE HealthCare Vivid ultrasound family, along with companion software. In total, Nozomi detected 11 vulnerabilities affecting several systems and software from the company.
According to Nozomi’s blog, the flaws could have repercussions for the hospital workflow or the security of medical data. The GE HealthCare Product Security Portal has patches and mitigations available for the identified vulnerabilities.
Nozomi looked at the GE HealthCare Vivid T9 ultrasound system and its pre-installed Common Service Desktop web application. It also examined the EchoPAC software that accompanies the technology. The firm identified vulnerabilities through “different attack vectors.”
The research verified the ability to lock the Vivid T9 by means of a proof-of-concept ransomware. After physically accessing the device and removing all Windows security protections (a possibility due to the full privileges obtained), investigators disrupted the device logic while simultaneously showing a picture on the screen asking for the payment of a ransom. A similar payload can also be run against a doctor’s workstation running EchoPAC.
Additionally, having achieved code execution with full privileges on a target system, Nozomi says nothing can stop an attacker from accessing and manipulating the patient data stored on it.
Nozomi’s takeaways on the GE HealthCare ultrasound vulnerabilities
According to Nozomi, an attack on a primary healthcare facility’s ultrasound capabilities could have severe, multifaceted consequences. Ultrasound infrastructure plays a key role in diagnosing and monitoring various medical conditions. The inability to access or use devices could delay critical medical procedures, disrupt accurate diagnoses and impede treatment.
Such an attack could also compromise patient confidentiality, with potential breaches of privacy and legal implications for the hospital. Attackers could also misuse or sell the exposed patient data, Nozomi said, posing a threat to personal information. Patients could also face harm from the potential hindrances to the accuracy of diagnoses and treatment plans.
Nozomi said that GE HealthCare confirmed that their trained medical staff executed a medical safety risk assessment following regulatory expectations. GE HealthCare maintains that the associated safety risk is controlled, acceptable or as low as possible.
However, the cybersecurity firm notes the rise of ransomware attacks against healthcare providers in recent years.
Within the past year, LivaNova disclosed a cybersecurity breach that disrupted portions of its information technology systems and business operations. This incident came shortly after another large medtech company, Henry Schein, experienced a significant breach as well.
GE HealthCare did not immediately respond to a request for comment. This story may be updated.