Following the WannaCry ransomware epidemic, Internet of Things (IoT) security specialist ZingBox is offering healthcare organizations free access its security service, the company announced today.
WannaCry was a wake-up call, not only for the IT security industry, but also healthcare companies. Although the ransomware, traced to a group called Hidden Cobra, primarily targets exploits in outdated or unpatched Windows systems–exploits that stolen from the U.S. National Security Agency (NSA)–the fear is that the tactics used in the WannaCry attack may be a stepping stone to other attacks on IoT devices.
Needless to say, today's hospitals, clinics and other health facilities are teeming with connected, life-saving devices that may be sharing the same network as vulnerable PCs.
"The recent attacks from Hidden Cobra targets unsupported/legacy Microsoft OS [operating systems] in a similar fashion as the WannaCry ransomware. However, simply patching the OS will yield limited success since Hidden Cobra groups are also known to exploit vulnerabilities in several applications," explained Xu Zou, CEO and co-founder of ZingBox. "Microsoft Silverlight and Adobe Flash Player are some of the notable applications targeted by Hidden Cobra."https://o1.qnsr.com/log/p.gif?;n=203;c=204660766;s=9477;x=7936;f=201812281312070;u=j;z=TIMESTAMP;a=20392931;e=i
Both technologies are commonly used in web browsers, but the threat can spread well beyond a PC.
"Any connected medical devices with browser capabilities are vulnerable to the latest threats from Hidden Cobra. However, a more common scenario is one in which PCs or laptops are connected to the same network as the connected medical devices," said Zou.
"In such scenario, a successful infection of just one PC or laptop will serve as a launching point for a massive wave of attack against all connected medical devices," he warned.
Attackers may find a way to shutting down medical equipment, but it's a better outcome than the alternative.
"Believe it or not, the best scenario for such an attack is resulting in connected medical devices being rendered inoperable," Zou said. "The worst case is the attack going unnoticed and incorrect medications being prescribed to patients with disastrous results."
ZingBox's software-as-a-service (SaaS) platform, IoT Guardian, takes a two-pronged approach to combating IoT threats. For starters, it detects infected devices which can then be quarantined to avoid the spread of malware. The solution also monitors network traffic, uncovering attacks originating from infected PCs that target connected medical devices, Zou said.
After the WannaCry epidemic, ZingBox was flooded with requests from healthcare organizations, Zou reported. He and his team took that as a sign "that many organizations are struggling to answer some of the basic questions such as how many connected devices they have, what type of devices they have, and which networks the devices are connected to," and sprang to action.
Healthcare organizations interested in free access to IoT Guardian for a limited time can contact ZingBox here.
"We hope these organizations can leverage our solution to protect their overall IoT environment as they formulate a long-term strategy," added Zou. "Even if they use the solution only to get an accurate view of their IoT environment, I believe we are helping them get over their first major hurdle."