ICS-CERT, the US Computer Emergency Response Team that focuses on industrial control systems, has issued a warning that wireless hospital syringe-infusion pumps are vulnerable to hacking
The warning concerns the Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump.
The problem was discovered by security researcher Scott Gayou, who identified eight vulnerabilities in Smiths Medical's Medfusion 4000 Wireless Syringe, according to ICS-CERT.
The statement claims that the vulnerabilities are real, but adds that there are so far no known exploits in the wild.
"Smiths Medical is planning to release a new product version to address these vulnerabilities in January 2018," it added. "In the interim, NCCIC/ICS-CERT is recommending that users apply the identified compensating controls until the new version can be applied."
Smiths Medical has already posted a response to the low-level panic and communicated its apologies to its customers along with its belief that this is a non-threat.
"The possibility of this exploit taking place in a clinical setting is highly unlikely, as it requires a complex and an unlikely series of conditions," it said.
"We have been engaged with the FDA Center for Devices and Radiological Health and the U.S. Department of Homeland Security's Industrial Control System - Computer Emergency Response Team (ICS-CERT) to resolve this issue."
If you work in hospital IT and want to know more you can get all the details on the ICS-CERT page. Or you can wait until January 2018 when Smiths Medical will release a patch.
Central Bank of India forced to make banks take basic security more seriously
Qualcomm planning to use TSMC's 7nm process to make fast and power-efficient rival to Intel
Voice assistants in smart homes will reach 275 million in five years' time, and Amazon is in pole position
Kicking Palantir off of AWS is among their demands, too