skip to main content
Close Icon We use cookies to improve your website experience.  To learn about our use of cookies and how you can manage your cookie settings, please see our Cookie Policy.  By continuing to use the website, you consent to our use of cookies.
Informa pharma logo

Pharma Intelligence is part of the Informa Intelligence Division of Informa PLC

This is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Pharma Intelligence Logo
Search Icon Pharma Report StoreProduct loginProductLogin
Global Search Configuration

Stryker

 

Medical devices from Stryker Corp. and Becton Dickinson & Co. could be vulnerable to hackers, a US Department of Homeland Security office said.

The National Cybersecurity and Communications Integration Center (NCCIC) describes  potential risks tied to Stryker medical beds and the BD FACS Lyric flow cytometry solution in Jan. 30 advisories.

The vulnerable Stryker products are wireless-enabled models of theSecure II MedSurg Bed, theS3 MedSurg Bed, and theInTouch ICU Bed. According to NCCIC, the digital "handshake" used to verify the devices with the network can be manipulated to allow an attacker to partially disclose encrypted information or inject malicious data. The issue, known as the KRACK vulnerability, was discovered by a Belgian researcher.

Stryker has issued patches for some of the affected products. The company is also recommending that hospitals disable the beds’ wireless function if unneeded and operate the beds on a separate VLAN (virtual local area network) to improve security when possible. NCCIC further says users should ensure the devices can’t be accessed from the Internet; place devices behind firewalls and isolated from the business network; and use secure methods, such as VPNs, if remote access is needed.

Meanwhile, two versions of theFACSLyric flow cytometry software solution that run onWindows 10are vulnerable to unauthorized efforts to access administrative accounts, the DHS center says. BD is working with users to remedy the issue by either disabling the administrative accounts or replacing vulnerable workstations, NCCIC says. The agency also recommends that users minimize network exposure for all devices, restrict system access and disable any unnecessary accounts.

The US government's focus on medical device cybersecurity concerns has grown in recent years. The warnings came the same week that US FDA held a two-day public workshop on device cybersecurity vulnerabilities.(Also see "FDA Cybersecurity Forum: Manufacturers Explain Coordinated Vulnerability Disclosures" - Medtech Insight, 1 Feb, 2019.)

From the editors of The Gray Sheet

Read also

;

Next steps

Whether you’re a small biotech start-up, research firm, generic manufacturer or a global pharmaceutical giant, you need focused, independent insight and opinion on market developments.

Start a free trial

Our team is ready to hear from you for a particular request or area of interest. Please do not hesitate to reach out and discuss.

Contact Sales

Contact us for product technical and account support.

  • US Toll-Free   : +1 888 670 8900 
  • US Toll             : +1 212-600-3520
  • UK & Europe : +44 (0) 208 052 0700

Contact Customer Services

Have an immediate and specific information need?

Browse and buy from 1000s of analysis and research reports now:

Shop now