Backdoor Discovered in Healthcare Patient Monitors, Data Sent to Chinese IP

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about Contec CMS8000 patient monitors, which secretly send patient data to a hard-coded IP linked to a Chinese university and allow remote execution of commands. This backdoor was discovered after a researcher flagged unusual network traffic to CISA.

The malicious firmware component quietly copies files from a remote server and enables attackers to take full control of the device; it also sends sensitive patient data over an unauthorized protocol. Efforts by Contec to mitigate the issue have failed, as the firmware continues to contain the backdoor code.

CISA advises healthcare providers to disconnect affected devices from networks and monitor them for signs of tampering, as no effective patch is currently available. Organizations are urged to remain vigilant and secure any impacted systems.
