Medical Web Experts Security Bulletin: September 2021

Pablo Bullian

Pablo Bullian

Posted on September 02, 2021

Infusion Pump Hack Could Allow Attackers to Change Meds Administered to Patients

Researchers at McAfee uncovered a hack that allows attackers to take control of B. Braun infusion pumps, which are used in hospitals around the world. The attack requires physical network access to gain access to the SpaceStation, which could manage one or more pumps through one of its network-exposed endpoints. This could potentially lead to disastrous situations wherein patients are over-administered, or not administered, the drugs they need. The FDA is already reviewing this with McAfee as well as the provider in order to patch the vulnerabilities.

FBI Releases Guide on Indicators of Compromise from Ransomware

The OnePercent ransomware group, which is linked to use of the legitimate security tool Cobalt Strike for malicious purposes, is one of the largest hacking groups attacking US companies since November of last year. The FBI released a list of indicators of compromise, as well as some mitigation measures (which we’ve already recommended implementing in past security bulletins!) – such as maintaining offsite or offline backups, patching servers, periodically reviewing administrator account actions and privileges, and educating the workforce about phishing and the threats it poses.

T-Mobile Breached; 100 Million Accounts Exposed

T-Mobile confirmed that an attack was made on their infrastructure. Though they didn’t confirm in their official release whether personal data was exposed, news outlet Motherboard reviewed some leaked data on the dark web and confirmed that personal data of clients was being sold. Telecommunications infrastructure has been a prime target for state-backed hacking groups in the past few years, as has healthcare – so it’s important to have a good security strategy in place, as well as controls to match your organization’s needs.

Two Healthcare Organizations Hit by Ransomware

A healthcare organization from Ohio, and another from Nevada, have been hit by ransomware in recent months. One of these organizations was in negotiations with the hacking group to recover its information after the attack. ​​Experts followed the trail to the dark web, where they found some of the information being leaked, including individuals’ names, addresses, dates of birth, Social Security numbers, and clinical information (such as history, diagnoses, and test results).

Ransomware is a complex threat that requires the full attention of your organization’s IT security experts. Keeping offsite backups and disaster recovery sites can ensure operational continuity in the event of an attack.

Pablo Bullian

Pablo Bullian

Pablo, our Chief Information Security Officer, architected and manages Medical Web Expert’s HIPAA-compliant hosting infrastructure. He is a Certified Information Systems Security Professional (CISSP), Amazon Web Services (AWS) Certified Solutions Architect, and Cisco Certified Network Associate (CCNA). Pablo has an M.S. in Cybersecurity from the University of Buenos Aires and he’s passionate about all things related to cybersecurity and cloud hosting.

Related Posts

Graphic of a large laptop with a shield and padlock in front of it. Smaller images of people on the left and right side of the labtop interact with various mobile devices.

Posted on February 16, 2022 by Pablo Bullian

Welcome back to the Medical Web Experts Security Bulletin. Below are some recent developments that may impact your organization, as well as our recommendations for keeping your systems secure. Mitigating…Read more

Illustration of a boy sittin on top of a computer with security shields floating.

Posted on January 07, 2022 by Pablo Bullian

A Look at 2021’s Most Dangerous Vulnerabilities Found in Windows Patching is a complex task that most companies struggle with or overlook, but keeping systems, and therefore patches, updated is…Read more

Subscribe to Our Newsletter

Get promotions and current business tips. Sign up for our newsletter today.