Philips, CISA Warn of Medical Device Product Security Flaws

November 22, 2021 CynergisTek, Inc.

Exploitation Could Allow Access to Patient Data, Denial of Service Attacks

Certain Philips' patient monitoring products are the subject of new security alerts from the manufacturer and CISA.

Federal regulators and Philips this week issued advisories pertaining to several security vulnerabilities identified in certain patient monitoring and medical device interface products from the manufacturer.

Exploitation could allow attackers to access patient data, launch denial of service attacks and more, they warn. The advisories pertain to vulnerabilities in Philips' Patient Information Center iX (PIC iX) and Efficia CM Series patient monitoring software and the company's IntelliBridge EC40 and EC80 systems - C.00.04 and prior versions, which are interfacing products to transfer data from point-of-care medical devices to hospitals' other information systems.

Benjamin Denkers, CIO Privacy and Security at CynergisTek, discusses vulnerabilities identified in the Philips products and common issues in many medical devices.

Read the full article here.

About the Author

CynergisTek is a top-ranked cybersecurity consulting firm dedicated to serving the information assurance needs of healthcare. CynergisTek offers specialized services and solutions to help organizations achieve privacy, security, and compliance goals. The company has been recognized by KLAS in the 2016 and 2018 Cybersecurity reports as a top performing firm in healthcare cybersecurity, as well as the 2017 Best in KLAS winner for Cybersecurity Advisory Services.
Follow on Twitter Follow on Linkedin Visit Website More Content by CynergisTek, Inc.

Insights Center

Philips, CISA Warn of Medical Device Product Security Flaws

About the Author

Previous Article

Next Article

Philips, CISA Warn of Medical Device Product Security Flaws

About the Author

Previous Article

Next Article

Most Recent Articles

Thomas Graham, Chief Information Security Officer for CynergisTek discusses healthcare workers and the current climate.

New guidance from the Cloud Security Alliance aims to support delivery organizations with assessing and managing cybersecurity risks to the healthcare supply chain.

Dave Bailey, Vice President of Security Services discusses developing and maintaining solid security practices.

In this episode, we discuss with Mac areas where our industry needs to do a better job of testing our controls and environment instead of completely trusting them to do what we think.

Mac McMillan discusses the speed in which cyber security is increasing.

Andrew Mahler discusses the existing challenges with HIPAA compliance and current state regulations will only compound further as regulating.

Mac McMillan discusses the FDA's new guidance and the progress we have made over the last decade in talking about and raising issues with medical device security.

Mac McMillan shared his perspectives on the potential for the Russian invasion of Ukraine to indirectly impact IT in the U.S. healthcare system, particularly with regard to supply chain.

Mac McMillan, CEO of CynergisTek discusses the possibility of cyberattacks beginning and how no one can tell for sure how wide the fallout could be.

Mac McMillan, CEO of CynergisTek discusses the possibility of cyberattacks beginning and how no one can tell for sure how wide the fallout might be.

KLAS named Medigate, Ordr, and Armis as top healthcare IoT security vendors, all of which can help organizations manage connected device security risks.

Andrew Mahler discusses the growing number of challenges healthcare organizations related to protecting the privacy of data and ensuring certain rights of patients, members, and consumers.

Andrew Mahler, Director of Privacy, Compliance and Managed Services at CynergisTek discusses privacy frameworks and the increased regulatory enforcement within the healthcare sector.

HIT Consultant reached out to six healthcare executives, including MAc McMillan CEO of CynergisTek, for their trends and predictions on healthcare cybersecurity and ransomware to watch in 2022.

Mac McMillan discusses healthcare providers and their need to devote more resources to preventing cybersecurity attacks.

Benjamin Denkers, CIO Privacy and Security discusses ransomware and how compromising a larger healthcare organization can provide attackers with more leverage.

Mac McMillan, CEO of CynergisTek discusses the intensifying set of cybersecurity threats facing patient care organizations nationwide.

Mac McMillan, CEO of CynergisTek discusses cybersecurity attacks and breaches of the past few months as pointing up a key lesson for health system leaders.

Mac McMillan, president and CEO at CynergisTek breaks down seven cybersecurity trends healthcare organizations must focus on in 2022.

Mac McMillan interview with HealthITSecurity is quoted discussing the new year, ransomware operators will shift their focus away from encryption and on to data exfiltration.