San Mateo cyber security firm uncovers malware on medical devices

Thursday, February 16, 2017

This is an undated image of an MRI machine with graphics from San Mateo's TrapX Security.
kgo-KGO-TV

SAN MATEO, Calif. (KGO) -- Are your medical records at risk from cyber criminals?

Could hackers corrupt a medical records network and endanger the lives of patients?

The ABC7 News I-Team has exclusive details on a new report from a Bay Area cyber security firm sure to get the attention of patients and health care providers.

Investigators at San Mateo-based TrapX Security detected malware on medical devices at major healthcare providers across the globe.

TrapX says the infected medical devices create a backdoor security breach that puts tens of thousands of patients records at risk. The exact number of stolen records has yet to be determined.

Pilfered medical records can be sold on the for as much as ten times more than cyber thieves can get for stolen financial data such as credit card or bank account numbers.

While consumers can cancel their credit cards or change their bank account numbers-patients' medical records retain their value for the life of the patient.

We spoke with TrapX CEO Greg Enriquez about the company's "MEDJACK.3" report to be unveiled Thursday at the RSA Conference on cyber security at San Francisco's Moscone Center.

Enriquez says his team found malware planted on several types of medical devices including an x-ray printer, an oncology unit's MRI scanner, a surgical center's blood gas analyzer and a health care provider's PACS-picture archiving and communication system.

"Those devices are in the operating room; they could be in a hospital bed. Lives could be dependent on them and if they're disrupted with malware or ransomware or other attacker toolkits-they may not be able to do what they're meant to do," Enriquez said.

Malware planted on a blood gas analyzer could impact the information a surgeon uses to determine the amount of anesthesia a patient needs. Enriquez points out malware planted on a heart monitor or dialysis machine could corrupt data and result in a fatal breach.

He told the ABC7 I-Team any device with an operating system could be susceptible if it is connected to the internet or to an online system.

TrapX Security has uses a deception technology approach to detecting and defeating hackers. They establish fake assets and create phony networks to protect data and lure attackers away from their real targets.

To learn more about detecting malware infected medical devices and the effort to stop cyber criminals from breaching healthcare networks you can read the reports TrapX issued MEDJACK.2 last year and MEDJACK.1 in 2015.

The company says they make these reports public because they are committed to helping educate consumers, patients, doctors and healthcare providers about the difficulty and urgency in securing medical devices within large healthcare networks.