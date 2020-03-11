It has been reported that a huge proportion of internet-connected imaging devices at hospitals run outdated operating systems, according to research released today. The researchers found that 83% of these devices run on outdated software that can’t be updated even when it contains known vulnerabilities that hackers can exploit. The number increased significantly from 2018, which coincides with Microsoft ending support for Windows 7 earlier this year. A significant number of machines run even older operating systems, including Windows XP, which Microsoft stopped supporting in 2014. The imaging devices include machines that take X-rays, MRIs, mammograms and CAT scans.
EXPERTS COMMENTS
Jonathan Knudsen, Senior Security Strategist , Synopsys
March 11, 2020
For healthcare providers, the best option available is often containment.
Healthcare providers face many of the same software security challenges as everyone else. This includes having an inventory of assets, understanding what software is running where, and applying updates expeditiously. Keeping devices and systems up to date is good security hygiene, but it can be challenging in a healthcare environment. Patient safety is paramount, so an attitude of “if it ain’ ....Healthcare providers face many of the same software security challenges as everyone else. This includes having an inventory of assets, understanding what software is running where, and applying updates expeditiously. Keeping devices and systems up to date is good security hygiene, but it can be challenging in a healthcare environment. Patient safety is paramount, so an attitude of “if it ain’t broke, don’t fix it” often prevails. Unfortunately, this is exactly opposite to software—if it ain’t broke, it will be soon. The situation is more complicated for device manufacturers, where an update to software or the underlying operating system might have regulatory consequences. This means that device manufacturers might be slow to produce updates, leaving devices and systems vulnerable in the meantime. For healthcare providers, the best option available is often containment. If a device is running an operating system version with known vulnerabilities and no update is available yet, then the best option might be to remove that device from the network, or place it on its own network segment and protect it with a firewall, or limit access in some other way. For device manufacturers and software providers, carefully managing a software bill of materials and monitoring for new vulnerabilities is the proactive approach that will produce the best results for customers and patients.
[Read More >>]
[Read More >>]
If you are an expert on this topic:
SUBSCRIBE to alert when new comments are posted on this news. :
[Read More >>]