FDA Issues its First-Ever Cybersecurity Alert

AllGov.com
Tuesday, August 04, 2015

In what may be a first for the agency, the Food and Drug Administration (FDA) has issued a cybersecurity alert to hospitals using computer-controlled pumps to administer drugs to patients.

The FDA warned that the Symbiq Infusion System, manufactured by Hospira, contains vulnerabilities in its software that could allow a hacker to adjust the dosage of a drug.

The vulnerabilities were first detected by cybersecurity researcher Billy Rios, and later confirmed by the Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team.

The FDA says Hospira is aware of the cybersecurity weaknesses with the Symbiq Infusion System, and has recommended hospitals stop using them and switch to alternative infusion systems. The agency said it was not aware “of any patient adverse events or unauthorized access of a Symbiq Infusion System in a health care setting.”

Hospira has stopped manufacturing and distributing the Symbiq Infusion System, which was “due to unrelated issues,” according to the FDA. However, many of them are still available for purchase through medical supply companies. The FDA advised health care facilities to avoid purchasing the pumps from these third parties.

In addition, Rios said he has found similar vulnerabilities in other pumps made by Hospira. The company’s PCA LifeCare pumps; PCA3 LifeCare and PCA5 LifeCare pumps; and its Plum A+ model of pumps are all able to be accessed by hackers, according to Wired.

The Rest…HERE

This entry was posted on Tuesday, August 4th, 2015 at 11:15 am and is filed under Technology, Terror. You can follow any responses to this entry through the RSS 2.0 feed.