par
Thomas Dworetzky, Contributing Reporter | March 21, 2018
Restrict network access to affected systems and ensure they are not directly accessible from the Internet.
Follow good network design practices, such as implementing network segmentation, and use DMZs with properly configured firewalls to selectively control and monitor all traffic passed between zones and systems.
Monitor and log all network traffic attempting to reach affected products for suspicious activity.
When remote access is required, use secure methods such as Virtual Private Networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.
The GE alert is one of many recent cybersecurity warnings. In August, 2017, ICS-CERT advised that
some Siemens PET/CT scanners are vulnerable to hacking.
Ad Statistics
Times Displayed: 79227
Times Visited: 2801 Ampronix, a Top Master Distributor for Sony Medical, provides Sales, Service & Exchanges for Sony Surgical Displays, Printers, & More. Rely on Us for Expert Support Tailored to Your Needs. Email info@ampronix.com or Call 949-273-8000 for Premier Pricing.
“Exploits that target these vulnerabilities are publicly available,” the ICS-CERT advisory noted, adding that, “an attacker with low skill would be able to exploit these vulnerabilities.”
Four vulnerabilities were identified, linked to the fact that the products run Windows 7.
The products involved included all Windows 7-based versions of Siemens PET/CT Systems, SPECT/CT Systems, and SPECT Systems, and Siemens SPECT Workplaces/Symbia.net.
Also in August, 2017, ICS-CERT warned that Philips DoseWise Portal (DWP), a web application for reporting and tracking radiation exposure,
could be remotely hacked — but a new update has since improved security.
“Philips has identified hard-coded credentials and cleartext storage of sensitive information vulnerabilities” the agency reported at the time.
Back to HCB News
