For the past few years we have heard about some rather horrific security vulnerabilities in hospitals and sadly this has not changed at all. Indeed many hospitals are still on older, unsupported OSes such as WinXP that most security software no longer protects against the malware which was used. In one case a hospital using centralised intrusion detection software, updated endpoint protection, and new model firewall was still compromised using very old malware. In most of the cases described by The Register it was personal data and medical records which were compromised but that doesn't mean the medical appliances and physical security systems are not also vulnerable to attack.
"Attackers have popped three prominent US hospitals, using deliberately ancient malware so old that it slips under the radar of modern security controls to compromise Windows XP boxes and gain network beacheads."
Here is some more Tech News from around the web:
- Never-never chip tech Memristor shuffles closer to death row @ The Register
- Google Found Disastrous Symantec and Norton Vulnerabilities That Are 'As Bad As It Gets' @ Slashdot
- A month to go and Microsoft finally offers a 'no thanks' option for Windows 10 @ The Inquirer
- 5 SSH Hardening Tips @ Linux.com
- Corsair Lapdog – Gaming without a Desk @ [H]ard|OCP
- Play Store malware roots phones, installs an app every two minutes @ The Register
- Reverse Engineering Quadcopter Protocols @ Hack a Day