Philips, CISA Warn of Medical Device Product Security Flaws

November 22, 2021 CynergisTek, Inc.

Exploitation Could Allow Access to Patient Data, Denial of Service Attacks

Certain Philips' patient monitoring products are the subject of new security alerts from the manufacturer and CISA.

Federal regulators and Philips this week issued advisories pertaining to several security vulnerabilities identified in certain patient monitoring and medical device interface products from the manufacturer.

Exploitation could allow attackers to access patient data, launch denial of service attacks and more, they warn. The advisories pertain to vulnerabilities in Philips' Patient Information Center iX (PIC iX) and Efficia CM Series patient monitoring software and the company's IntelliBridge EC40 and EC80 systems - C.00.04 and prior versions, which are interfacing products to transfer data from point-of-care medical devices to hospitals' other information systems.

Benjamin Denkers, CIO Privacy and Security at CynergisTek, discusses vulnerabilities identified in the Philips products and common issues in many medical devices.

Read the full article here.

About the Author

CynergisTek is a top-ranked cybersecurity consulting firm dedicated to serving the information assurance needs of healthcare. CynergisTek offers specialized services and solutions to help organizations achieve privacy, security, and compliance goals. The company has been recognized by KLAS in the 2016 and 2018 Cybersecurity reports as a top performing firm in healthcare cybersecurity, as well as the 2017 Best in KLAS winner for Cybersecurity Advisory Services.
Follow on Twitter Follow on Linkedin Visit Website More Content by CynergisTek, Inc.

Insights Center

Philips, CISA Warn of Medical Device Product Security Flaws

About the Author

Previous Article

Next Article

Philips, CISA Warn of Medical Device Product Security Flaws

About the Author

Previous Article

Next Article

Most Recent Articles

A Texas clinic has the all-too-common problem of obsolete equipment leading to security vulnerabilities.

A host of cutting-edge technologies like A.I & nanomedicine contain the potential to revolutionize patient care, but federal authorities are warning medical practices to evaluate the associated risks.

Ben Denkers discusses the detrimental impact of cyber attacks on medical devices.

With a dearth of resources, the Office for Civil Rights is struggling with an overflowing caseload.

The national network for connecting medical centers with donated human organs faces doubts about its ability to secure data amid mounting concerns over its IT infrastructure.

A new report by KLAS examines several such firms to determine who effectively assists in reducing risk, engages closely with clients, and exceeds expectations.

Dave Bailey, Vice President of Security Services discusses how Healthcare sector entities are a ripe target for social engineering schemes for an assortment of reasons

Dave Bailey Explains cyber insurance carriers are telling potential clients they must add specific security elements or they won’t be able to provide coverage or will have to charge a high rate.

Ben Denkers discusses healthcare's unique position when it comes to big tech.

Thirty-six cybersecurity-related merger and acquisition (M&A) deals were announced in May 2022.

Ben Denkers, CIO of CynergisTek discusses steps healthcare cybersecurity leaders can follow these four steps to improve their security posture in the face of cyberattacks.

Thomas Graham, Chief Information Security Officer for CynergisTek discusses healthcare workers and the current climate.

New guidance from the Cloud Security Alliance aims to support delivery organizations with assessing and managing cybersecurity risks to the healthcare supply chain.

Dave Bailey, Vice President of Security Services discusses developing and maintaining solid security practices.

In this episode, we discuss with Mac areas where our industry needs to do a better job of testing our controls and environment instead of completely trusting them to do what we think.

Mac McMillan discusses the speed in which cyber security is increasing.

Andrew Mahler discusses the existing challenges with HIPAA compliance and current state regulations will only compound further as regulating.

Mac McMillan discusses the FDA's new guidance and the progress we have made over the last decade in talking about and raising issues with medical device security.

Mac McMillan shared his perspectives on the potential for the Russian invasion of Ukraine to indirectly impact IT in the U.S. healthcare system, particularly with regard to supply chain.

Mac McMillan, CEO of CynergisTek discusses the possibility of cyberattacks beginning and how no one can tell for sure how wide the fallout could be.