McAfee Enterprise’s Advanced Threat Research Team released new findings about vulnerabilities in the B. Braun Infusomat Space Large Volume Pump and the B. Braun SpaceStation, both of which are available and in use in South Africa.
These critical vulnerabilities could allow an attacker to conduct remote network attacks and modify the amount of medication a patient will receive through infusion. With over 200 million IV infusions administered each year globally, the vulnerability could have a significant global impact.
This modification in medicine could appear as a device malfunction and be noticed after a substantial amount of drug has already been dispensed to a patient because the infusion pump displays the correct medication amount while dispensing potentially lethal doses.
While the medical industry has lagged severely behind others in the realm of security for many years, security researchers can continue to propel the industry towards a safer future through reasonable disclosures like these. This is of particular importance in public sector healthcare, where limited budgets dictate that devices cannot be taken out of circulation for security patches to be implemented – particularly in times like the current third wave of COVID-19 infections, when, for example, ventilators are in constant use. Private healthcare providers are just as vulnerable.
“The reality of a security breach in any medical environment is that people’s lives are placed at risk, whether it’s through a cyber attack ahead of a ransom or hostage situation, or through a targeted attack on an individual,” says Carlo Bolzonello, country manager for McAfee in South Africa. “These may sound like farfetched ideas from spy movies, but they are completely plausible, highlighting the importance of a comprehensive cyber security strategy and solution in all healthcare environments.”
Please click here to view the report about the vulnerabilities in: Globally Used B. Braun Infusion Pump.
Share