Nozomi Networks Labs has discovered cybersecurity vulnerabilities in GE Healthcare’s ultrasound devices and software. The cybersecurity group identified 11 flaws across various systems and products, particularly highlighting issues in the Vivid line of ultrasound devices. These vulnerabilities pose risks such as unauthorized access to sensitive patient data, manipulation of medical records, and rendering devices inoperative through ransomware attacks.
GE Healthcare has acknowledged the identified risks, emphasizing that existing security measures are designed to minimize these threats. GE Healthcare also gave assurance that malicious activity would be immediately apparent if it occurred. Details about these risks and recommendations for users have been posted on GE Healthcare’s product security portal.
In their analysis, Nozomi Networks Labs focused on the Vivid T9 ultrasound device, which operates on a customized version of Microsoft Windows 10. Researchers discovered methods to gain administrative privileges, allowing them to display ransom requests on the device’s screen and manipulate patient data.
These cybersecurity vulnerabilities could have significant impacts on healthcare, potentially delaying critical medical procedures, obstructing accurate diagnoses, and compromising timely treatments. Patient privacy is also at risk, potentially leading to confidentiality breaches and legal issues for hospitals.
To mitigate these risks, Nozomi Networks Labs advised healthcare facilities to adopt preventative measures such as not leaving ultrasound devices unattended and blocking incoming connections to workstations that run clinical software when those workstations are connected to unprotected networks.
The vulnerabilities unique to GE Healthcare’s ultrasound devices highlight pressing cybersecurity concerns within the healthcare industry. GE Healthcare has proposed mitigations, but ongoing vigilance and best practices are crucial to safeguard patient data and ensure medical device reliability.