Pharma Intelligence is part of the Informa Intelligence Division of Informa PLC
This is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
Medical devices from Stryker Corp. and Becton Dickinson & Co. could be vulnerable to hackers, a US Department of Homeland Security office said.
The National Cybersecurity and Communications Integration Center (NCCIC) describes potential risks tied to Stryker medical beds and the BD FACS Lyric flow cytometry solution in Jan. 30 advisories.
The vulnerable Stryker products are wireless-enabled models of theSecure II MedSurg Bed, theS3 MedSurg Bed, and theInTouch ICU Bed. According to NCCIC, the digital "handshake" used to verify the devices with the network can be manipulated to allow an attacker to partially disclose encrypted information or inject malicious data. The issue, known as the KRACK vulnerability, was discovered by a Belgian researcher.
Stryker has issued patches for some of the affected products. The company is also recommending that hospitals disable the beds’ wireless function if unneeded and operate the beds on a separate VLAN (virtual local area network) to improve security when possible. NCCIC further says users should ensure the devices can’t be accessed from the Internet; place devices behind firewalls and isolated from the business network; and use secure methods, such as VPNs, if remote access is needed.
Meanwhile, two versions of theFACSLyric flow cytometry software solution that run onWindows 10are vulnerable to unauthorized efforts to access administrative accounts, the DHS center says. BD is working with users to remedy the issue by either disabling the administrative accounts or replacing vulnerable workstations, NCCIC says. The agency also recommends that users minimize network exposure for all devices, restrict system access and disable any unnecessary accounts.
The US government's focus on medical device cybersecurity concerns has grown in recent years. The warnings came the same week that US FDA held a two-day public workshop on device cybersecurity vulnerabilities.(Also see "FDA Cybersecurity Forum: Manufacturers Explain Coordinated Vulnerability Disclosures" - Medtech Insight, 1 Feb, 2019.)
From the editors of The Gray Sheet
Medtech Insight: global medical technology news & analysis
By Marion Webb 23 Oct 2020
In this week’s podcast, Medtech Insight's managing editor Marion Webb has an update from the virtual HLTH panel discussions on...
Medtech Insight: global medical technology news & analysis
By Elizabeth Orr 23 Oct 2020
Investors in surgical robotics company Auris say Johnson & Johnson failed to support the company per their merger agreement.
Medtech Insight: global medical technology news & analysis
By Reed Miller 22 Oct 2020
The FDA has asked the company for more information to support its PoNS therapy for multiple sclerosis patients with gait...
Request a Trial
Whether you’re a small biotech start-up, research firm, generic manufacturer or a global pharmaceutical giant, you need focused, independent insight and opinion on market developments.
How can we help you?
Our team is always happy to hear from you. Please call us at:
Pharma Report Store
Have an immediate and specific information need?
Browse and buy from 1000s of analysis and research reports now:
In the continually evolving medtech competitive landscape, it is vital to stay up-to-date with key events. With Meddevicetracker, you’ll be able to anticipate upcoming filings, research clinical trial dates and data, and access market size information and expert forecasts, all in one place.
Get a window into what the leading players across the biopharma, medtech, and diagnostics industries are thinking, as well as important insight into what your competitors are doing. Build your strategy with In Vivo.
Looking for more products Product Finder
