Connect with us


Forescout report shows new supply chain vulnerabilities that can impact medical and IoT devices

A detailed list of 150 plus potentially affected devices from 100 plus vendors highlights the significance of the vulnerabilities



Forescout - health tech

Researchers from Forescout have announced their discovery of critical new vulnerabilities discovered on Internet of Medical Things (IoMT) devices.

Forescout’s Vedere Labs, in partnership with CyberMDX, have discovered a set of seven new vulnerabilities affecting PTC’s Axeda agent, which it is collectively calling Access:7.

When exploited, the vulnerabilities allow hackers to take full control of these devices, access device data, alter critical patient data or modify configurations in the devices.

The Axeda solution enables device manufacturers to remotely access and manage connected devices. The affected agent is most popular in healthcare but is also present in other industries, such as financial services and manufacturing. The report found that more than one-half of those vendors who use Axeda are in the healthcare industry followed by one-quarter using developing IoT solutions. The agent was found to be more popular in imaging (36%) and lab (31%) machines than in any other type.

A detailed list of 150 plus potentially affected devices from 100 plus vendors highlights the significance of the vulnerabilities. The list contains several medical imaging and laboratory devices.

Vulnerable devices used in other industries include ATMs, vending machines, cash management systems, label printers, barcode scanning systems, SCADA systems, asset monitoring and tracking solutions, IoT gateways and machines such as industrial cutters.

IoT devices use a wide variety of operating systems, hardware and software. Typically, IoT manufacturers do not allow customers to install software, including security agents, on their devices. In the case of Access:7, PTC depends on IoT manufacturers to install the Axeda agent before their IoT devices are sold to customers in what is typically called an original equipment manufacturer (OEM) approach.

Speaking with Health Tech World, Daniel dos Santos, head of security research at Forescout said: “It is very serious and getting more serious. Currently, the biggest threat to hospitals is ransomware, which affects workstations but can also affect medical devices running standard operating systems.

With ransomware, attackers can exfiltrate sensitive data and deny the availability of critical systems at the same time. I say it is getting more serious because there is also a lot of research being published about vulnerabilities affecting other types of medical devices. At any point, attackers may want to leverage those vulnerabilities and shift their tactics to include tampering with the proper functioning of medical devices. That is a very scary scenario.

They have to first assess the risk their devices are exposed to. That includes identifying and classifying every device on their network to understand which are affected by vulnerabilities. Then they can think of patching devices, which usually is a problem in healthcare because of when patches are made available, the need for maintenance windows that allow devices to be taken offline, certification problems and so on.

Another important point is ensuring that the network is segmented in a way that critical devices have limited exposure and attackers cannot reach them from weaker entry points.”

Continue Reading
1 Comment

1 Comment

  1. Pingback: How pharma firms can get more value from unstructured data

Leave a Reply

Your email address will not be published. Required fields are marked *

Trending stories