Critical vulnerabilities uncovered in hospital robots

Vendor Aethon has patched five critical vulnerabilities in hospital robots used to deliver medical supplies.

The world of health-related cybersecurity issues is still relatively untouched. In recent years, we’ve seen the impact of ransomware outbreaks in hospitals; software vulnerabilities including those that could, in theory, stop a pacemaker from working, and countless patient data leaks at providers worldwide.

However, unless there’s a clear-cut financial benefit, many cyberattackers will ignore medical devices in favor of hitting businesses likely to provide them with illicit revenue.

This doesn’t mean that vendors, or defenders, should ignore vulnerabilities and security issues surrounding medicine, especially as digital health, personalized medicine, and remote care continue to develop.

Medical devices can fall short of adequate security measures, as recently revealed in Cynerio‘s public disclosure of Jekyllbot:5 (.PDF), five critical vulnerabilities in Aethon TUG robots.

Read on: Black Hat: How your pacemaker could become an insider threat to national security

Aethon’s mobile robots are autonomous devices used by hundreds of hospitals to perform basic, repetitive tasks to augment existing workforces.

TUGs run errands including medicine delivery, cleaning, and dropping off linen and other supplies to healthcare professionals. Stanford is a healthcare provider that uses the robots in drug deliveries, which

Read More: