As much attention as the recent, worldwide “Wannacry” ransomware attack got for bringing the UK’s health system to its knees and idling factories around the globe, it had another, less noticed, but no less important and terrifying impact.
An unnamed source recently released a screenshot of a “smart” medical device that had been locked and rendered inaccessible, thanks to the malware.
The device, a Bayer Medrad, which is used for imaging MRIs, is one of two devices known to have been hacked. The company assured the public that both devices saw functionality restored within 24 hours, but this event raises a pair of important issues.
First, “smart” devices don’t really deserve the name. Yes, they’re internet capable, but smart, they are not.
Worse, almost none of the smart devices being made and sold today have any protection or security at all. The few that do boast some sort of security only offer basic, bare bones, primitive protections that any teen-aged hacker with a limited tool set could circumvent.
That brings us to the much larger and more ominous second problem. An increasing number of peoples’ lives literally depend on the proper functioning of these devices. We have now entered an era where a computer virus can kill a human being.
Imagine being hooked up to a machine, without which, you may die. Now imagine that machine being infected by malware, with the hackers demanding hundreds of dollars to restore its functionality.
It’s no longer a question of if that will eventually lead to a death, it’s a matter of when. The worst part is that we could be doing much more to make those kinds of attacks harder, and we’re not. Thus far, the makers of smart devices have been largely uninterested in bolstering security on the products they sell, and one day, probably in the not-too-distant future, someone is going to pay with their life for the lack of foresight.