The 6 lines of code that could bring down a hospital

March 11, 2013 by Arezu Sarvestani

The software flaw that allowed a duo of cybersecurity researchers to bring down a Philips XPER hospital management system with 6 lines of code is still a problem in current XPER machines, Philips tells MassDevice.com.

cybersecurity, hacking illustration

Using fairly rudimentary hacking techniques, researchers have exposed vulnerabilities in a variety of medical devices, most recently in a Philips (NYSE:PHG) Xper hospital management system that buckled under the force of a mere 6 lines of code.

The Xper device often connects with hospital machines and patient databases that could be compromised by someone with the know-how and motive to infiltrate the system.

Researchers at Cylance Inc. who wrote the code warn that the software security loophole could provide malicious hackers the means to crash the hospital information device at will, take control of the system and even use it as a gateway to access other devices on the same network.

Sign up to get our free newsletters delivered right to your inbox.

Philips initially suggested that the vulnerabilities may be limited to the older generation of the Xper information management system that the researchers tested, but company officials told MassDevice.com this week that the security holes are also a problem in current generations of the product.

Officials at the U.S. Dept. of Homeland Security and the FDA have taken an interest in the investigation and Philips is working on a fix that it can release to its customers, according to the Dutch healthcare and electronics conglomerate.

Comments

Features

Blame the medical device tax and the U.S. regulatory environment for the slump in investment in early-stage medical technologies, Silicon Valley Bank's Ben Johnson tells MassDevice.com.

Halyard Health, the publicly traded, $1.6 billion spinout of Kimberly-Clark's medical device business, is slated to go live in November, soon-to-be COO Chris Lowery tells MassDevice.com.

David Green tells MassDevice.com about the decision to split Harvard Bioscience and Harvard Apparatus Regenerative Technology, his choice to move over to the new entity and why regenerative technologies are poised to transform medicine.

Medtech veteran Dave Johnson has been with Alliqua Biomedical for less than 2 years, during which time he's overseen a major hiring spree, 3 business development deals and the company's 1st acquisition. In an interview with MassDevice.com, Johnson talks about his step-by-step perspective and where he hopes Alliqua will be in 5 years.

MassDevice.com brought together 4 of the most influential leaders in medtech to discuss the future of the industry on July 15, 2014 at DeviceTalks Boston.