Siemens to update medical scanner software amid Homeland Security warning machines could be hacked
- DHS says a 'low skill' attacker could compromise the machines
- Windows 7 software on the machines is vulnerable to attack
German industrial group Siemens expects to update software in some of its medical scanners by the end of the month to deal with vulnerabilities that could, in theory, allow some of this equipment to be hacked, a company spokesman said on Monday.
Last week, the U.S. Department of Homeland Security issued a security notice warning that 'an attacker with a low skill would be able to exploit these vulnerabilities' using known weaknesses that exist in older Windows software.
The Siemens spokesman said no evidence of any attack had been found.
German industrial group Siemens expects to update software in some of its medical scanners by the end of the month to deal with vulnerabilities that could, in theory, allow the kit to be hacked (stock image shown)
Siemens' action provides more evidence of a growing focus on preventing cyber attacks on medical equipment, which for years ranked low on the list of potential hacking targets.
The vulnerabilities identified by Siemens were in its PET (positron emission tomography) scanners that run on Microsoft Windows 7, which could be exploited remotely.
PET scanners help to reveal how tissues and organs are functioning by using a radioactive drug to trace activity.
They can reveal or assess cancer, heart disease and brain disorders.
Initially, the Munich-based company advised hospital and other medical customers to disconnect the scanners until a update was released.
But the company spokesman said on Monday that after further review, it no longer believed disconnecting the scanners was necessary.
Siemens has assigned a security severity rating of 9.8 out of 10, using the open industry standard CVSS (Common Vulnerability Scoring System) risk assessment system, according to the U.S. security notice.
'Based on the existing controls of the devices and use conditions, we believe the vulnerabilities do not result in any elevated patient risk,' Siemens said.
'To date, there have been no reports of exploitation of the identified vulnerabilities on any system installation worldwide.'
Large imaging machines such as PET scanners are typically not directly connected to the Internet but are connected to clinical IT systems, which can be infected, for example, by an email attachment sent to a different part of the system.
'It's pretty serious,' UK-based independent computer security analyst Graham Cluley said.
'It does seem that these vulnerabilities can be exploited remotely and rather trivially.'
He said hospitals in general were badly protected against hacking, partly because of underfunding and partly because some older medical machines are not compatible with the latest versions of software operating systems.
The vulnerabilities identified by Siemens were in its PET (positron emission tomography) scanners that run on Microsoft Windows 7, which could be exploited remotely.
The global WannaCry cyber attack in May highlighted the vulnerability of medical systems when it caused major disruption to X-ray machines and other computer equipment in Britain's National Health Service, forcing hospitals to turn away patients.
Earlier this year, Abbott Laboratories moved to protect patients with its St. Jude heart implants against possible cyber attacks, releasing a software patch that the firm said would reduce the 'extremely low' chance of them being hacked.
Siemens plans a public listing for its healthcare unit, Healthineers, next year.
The IPO is expected to value the business at up to 40 billion euros ($47 billion).
Most watched News videos
- Bullied boy speaks out after students pick on him in school
- Homeowner's exploding package stops thieves over the years
- Shocking moment Chinese daredevil falls to death from skyscraper
- Woman puts life in danger as she rescues drowning dog from sea
- Video claims to show arrest in Salford after 'deliberate' fire
- Shocking video shows couple having SEX on a beach in middle of day
- 'Moment pipe bomb malfunctions': CCTV shows moment of explosion
- Terrifying moment bride is bitten by shark during honeymoon swim
- Heartwarming moment teen gets car from girlfriend's family
- MMA fighter posts video calling out mother of Keaton Jones
- Navajo men and women enjoy a traditional meal together in 1939
- Caller interrupts presenter after Chegwin's death announced
- Celebrities begin to question motives of mother of...
- Was gangland feud behind blaze that killed three...
- 'Yesterday he was a hero, today the world hates': Mother...
- The shocking moment an amorous couple are caught having...
- Pictured: The dog owner who risked her life as she was...
- Spiritual healing: Fascinating colorized images show...
- Wife told her husband she was raped after a drunken night...
- How one doctor's decision to write his name on his scrub...
- A heartwarming moment turned to hate: High school couple...
- Girlfriend breaks down testifying during trial of...
- Mother of raped and murdered five-year-old says she'll...
- 'Every parent's worst nightmare': Paedophile, 31, who...
- Hospital apologises after pregnant teenager was turned...
- Wheatgrass smoothie alert! Woman using a typewriter in a...
- Terrifying footage shows newlywed bride attacked by a...
- Student, 20, is found dead after he tried to walk home...
- Banksy unmasked? Tourist claims snap shows secretive...
- TV benefits fraudster who flaunted her jet-set lifestyle...