With the healthcare sector more vulnerable to cyberattacks than ever, the FBI’s Internet Crime Complaint Center (IC3) has released a report spotlighting the cyber concerns of legacy medical devices, which use outdated software and weren’t designed with cybersecurity in mind.
IC3 stated in the report that while device hardware can be used for as long as 10 or even 30 years, the underlying software life cycles are specified by manufacturers and can range from a few months to the full life expectancy of a device. This gives threat actors time to discover and exploit vulnerabilities.
“Legacy medical devices contain outdated software because they do not receive manufacturer support for patches or updates, making them especially vulnerable to cyber attacks,” the report stated.
The FBI recommends that medical device makers create an “electronic inventory management system” for medical devices and associated software that includes vendor-developed software components, operating systems, versions and model numbers.
Read the full article on MedTechDive.com