Over 100 device models from GE Healthcare that are used primarily for radiological and imaging purposes in hospitals and other healthcare facilities can easily be compromised by hackers because of default support credentials that are publicly known but can’t be changed easily by users. This insecure implementation of remote management functionality allows hackers to access sensitive data stored on the impacted devices as well as infect them with malicious code that would be very hard to detect.

Healthcare organizations have increasingly been targeted by cybercriminals groups this year, particularly those distributing ransomware. Three US agencies—the Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Homeland Security (DHS)—jointly issued an alert, warning that groups like TrickBot, Ryuk and Conti pose an imminent threat to US hospitals and healthcare providers. Vulnerabilities like the one found in GE Healthcare devices can enhance those attacks giving hackers access to critical devices that organizations can’t afford to be offline.

To read this article in full, please click here

You May Also Like

Kaseya Obtains Decryption Tool After REvil Ransomware Hit

Software Vendor Said Approximately 60 MSPs and 1,500 Clients Affected by AttackRemote…

Avaddon ransomware campaign prompts warnings from FBI, ACSC

Both the Australian Cyber Security Centre (ACSC) and the US Federal Bureau…

The National Security Threat of Narcissism

Society has become increasingly isolated and disintegrated, leaving us vulnerable to exploitation…