Over 100 device models from GE Healthcare that are used primarily for radiological and imaging purposes in hospitals and other healthcare facilities can easily be compromised by hackers because of default support credentials that are publicly known but can’t be changed easily by users. This insecure implementation of remote management functionality allows hackers to access sensitive data stored on the impacted devices as well as infect them with malicious code that would be very hard to detect.

Healthcare organizations have increasingly been targeted by cybercriminals groups this year, particularly those distributing ransomware. Three US agencies—the Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Homeland Security (DHS)—jointly issued an alert, warning that groups like TrickBot, Ryuk and Conti pose an imminent threat to US hospitals and healthcare providers. Vulnerabilities like the one found in GE Healthcare devices can enhance those attacks giving hackers access to critical devices that organizations can’t afford to be offline.

To read this article in full, please click here

You May Also Like

New Intel CPU-level threat detection capabilities target ransomware

Security vendors can now leverage new telemetry and machine learning processing capabilities…

Malicious Docker Images Used to Mine Monero

Images on Docker Hub Contained CryptominersA recently uncovered cryptomining scheme used malicious…

Evil by a Different Name: Crime Gang Rebrands Ransomware

WastedLocker Ransomware From Evil Corp Disguised as PayloadBin to Avoid SanctionsIf you’re…