It’s Probably Nothing

Chinese-Made Patient Monitor Contains a Secret Backdoor

A medical device used in hospitals has been found hosting a backdoor, paving the way for an unauthorized user to remotely control and tamper with the equipment.

The threat was discovered in three firmware versions for a patient monitor called the Contec CMS8000 (also sold as the Epsimed MN-120), which can display a user’s vitals, including heart rate, according to an advisory from the Cybersecurity and Infrastructure Security Agency (CISA).

The equipment, from China-based Contec Medical Systems, was mysteriously configured to connect to an IP address for a third-party university with no connection to the manufacturer.

The backdoor enables the IP address at the unnamed university to remotely download and execute unverified files on the patient monitor, CISA’s report says. In addition, the same backdoor automatically sends patient data to the IP address.

10 Replies to “It’s Probably Nothing”

  1. Ha! No patient in Canada will ever get connected to that thing. They’re all in a 2-year-long queue waiting to be seen.

  2. L – This is a temporary problem, as an A.I. medical physician will soon replace human physicians and at a fraction of the cost to government. Since we discovered during the pandemic many/most human physicians could not think critically, nor scientifically, nor are any longer motivated by the Hippocratic Oath/medical ethics (Do No Harm, Cure must not be more harmful than the disease, treat the sick, informed consent). The change to A.I. robotic medical care, this transition may be less obvious than one might think. “You are 65 years of age, I must prescribe statins!” An A.I. robot or a human, how much difference. Protocol medicine isn’t the art of medicine, it’s medical technology in the service of $.

    On the down side, as the A.I. physicians think more like humans, they may view the health of other A.I. robots as more important than the lower caste humans.

  3. So, a pipsqueak like Canada can find a backdoor in a medical monitor, but the USA can’t find one in a drone.

  4. It IS possible that the machine can be monitored and upgraded remotely. With something as complex as a medical monitor, it is likely that functionality and software need to be updated to eliminate bugs etc. The network at a hospital would be isolated from outside networks, so casual intrusion seems unlikely.

      1. If the hospital network is isolated from the ‘outside’, then there is no problem. I would expect that data theft is happening through a direct database connection, rather than through a dedicated product.

        However, see here:

        https://www.zerohedge.com/markets/widely-used-chinese-made-health-monitor-using-backdoor-send-patient-data-chinese-ip-address

        We built a product that is based on an Arduino board, and I use the /mnt/ folder to log backup data. We also send data through an outside Internet connection to Google where a web app posts the data to a spreadsheet shared with the customer. This provides a no-cost cloud database which avoids having to pay for a commercial data silo, and allows customization. Not all connections to the Internet are necessarily corrupt.
