ICS-CERT, the US Computer Emergency Response Team that focuses on industrial control systems, has issued a warning that wireless hospital syringe-infusion pumps are vulnerable to hacking
The warning concerns the Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump.
The problem was discovered by security researcher Scott Gayou, who identified eight vulnerabilities in Smiths Medical's Medfusion 4000 Wireless Syringe, according to ICS-CERT.
The statement claims that the vulnerabilities are real, but adds that there are so far no known exploits in the wild.
"Smiths Medical is planning to release a new product version to address these vulnerabilities in January 2018," it added. "In the interim, NCCIC/ICS-CERT is recommending that users apply the identified compensating controls until the new version can be applied."
Smiths Medical has already posted a response to the low-level panic and communicated its apologies to its customers along with its belief that this is a non-threat.
"The possibility of this exploit taking place in a clinical setting is highly unlikely, as it requires a complex and an unlikely series of conditions," it said.
"We have been engaged with the FDA Center for Devices and Radiological Health and the U.S. Department of Homeland Security's Industrial Control System - Computer Emergency Response Team (ICS-CERT) to resolve this issue."
If you work in hospital IT and want to know more you can get all the details on the ICS-CERT page. Or you can wait until January 2018 when Smiths Medical will release a patch.
A new RSA report urges coders to sign a 'Hippocratic Oath' before embarking on AI programmes.
IT security vendor believes APT33 is working for the Iranian government
Darktrace pushes machine learning to take some of the pressure off of IT and security teams
Google also gets its hands on HTC's IP in a non-exclusive deal