Submitted by CrankyBear t3_zsuzg3 in technology
cuisinedossier t1_j1bflkg wrote
Reply to comment by HanaBothWays in Brooklyn hospital network reverts to paper charts for weeks after cyberattack by CrankyBear
>but if you are a hospital system and say something like “our IT system got locked with ransomware because of an insecure GE device,” GE will sue you into bankruptcy, so nobody dares to say anything and the problem does not get fixed.
this sort of thing is probably everything
HanaBothWays t1_j1bg96n wrote
It’s kind of unique to medical devices. You can talk about Windows or Oracle databases having bad vulnerabilities and how you traced a hack of your company to that and they won’t come down on you like a ton of bricks, but it’s different if you say it was unnecessarily open ports (that you couldn’t close) in X company’s heart monitor.
This has gotten better in the past decade or so. There are better standards for manufacturers to secure medical devices and more established practices for hospitals to patch them and such (because you don’t want a ventilator to go through a patching cycle while a patient is using it, ya know?), but it’s still bad out there for this and other reasons.
Viewing a single comment thread. View all comments