The famous medical screen is the latest device to be produced in China to receive an audit of its potential electronic risks. However, it is not the only healthy device that should be anxious. Experts say that the spread of Chinese healthcare devices in the American medical system is a cause of concern across the entire ecosystem.

Contec CMS8000 is a famous medical screen that tracks the patient’s vital signs. The device follows the heart imaging, the heart rate, the saturation of blood oxygen, the uninvited blood pressure, the temperature, and the rate of breathing. In recent months, Food and Drug Administration The CISA and Infrastructure Security Agency (CISA) alike Beware of “back door” In the device, “an easy -to -dispense vulnerability can allow a bad actor to change its composition.”

The CISA research team described “abnormal traffic” and rear paper “allows the device to download and implement files from a distance other than verify them” to the IP address is not related to the medical device factory or medical facility but a third party university-“very unusual properties” conflicts with acceptable practices Generally, “especially for medical devices.”

“When the job is performed, the files on the device are written by force, which prevents the final customer – like the hospital – from maintaining awareness of the program that works on the device,” Cisa wrote.

Warnings say that this change in training may lead, for example, that the screen says that the kidneys of the patient are disrupted or failing to breathe, and this may cause it to manage unnecessary treatments that can be harmful.

Weak Cintec Medical equipment and IT experts who have warned for years not surprised that the safety of medical devices is very relaxed.

Hospitals are concerned about Internet risks

“This is a huge gap about the explosion,” said Christopher Kaufman, a professor at Westclip University at Irvin, California, who specializes in information technology and sabotage techniques. He specifically refers to the security gap in many medical devices.

The American Hospitals Association, which represents more than 5,000 hospitals and clinics in the United States. It sees the spread of Chinese medical devices as a serious threat to the system.

As for the contec screens specifically, AHA says the problem needs to be addressed urgently.

“We have to put this in the upper part of the list because of the possibility of damage to the patient, we have to escalate before penetration,” said John Regi, National Cyber ​​Security Adviser and the danger of the American Hospital Association. Regi also served in the anti -terrorist roles at the FBI before joining AHA.

Cisa notes that there is no correction of programs to help reduce this risk, but in its consultant she said that the government is currently working with Con CENEC.

Contecic, its headquarters in Qinhuangdao, China, has not returned a request for comment.

One of the problems is that it is not known that the number of screens in the United States is not known

“We do not know because of the huge size of the equipment in hospitals. We expect that there will be, in a conservative way, thousands of these screens; this is a very big weakness,” he said, adding that Chinese access to devices can pose strategy, technical risks, and the supply chain .

In the short term, the Food and Drug Administration advised medical systems and patients to ensure that the devices only operate locally or to disable any remote monitoring; Or if the remote monitoring is the only option, to stop using the device if there is an alternative. The Food and Drug Administration (FDA) said it has not yet realized any accidents, injuries, injuries or weaknesses related to weakness.

The American Hospital Association told its members that until a correction is available, hospitals must ensure that the screen no longer has access to the Internet, which is fragmented by the rest of the network.

Regey said that Contecic screens are a major example of what we often do not take between the risks of health care, it extends to a group of medical equipment produced abroad. He explained that American hospitals suffering from financial distress buy medical devices from China, a country that has a history of stabilizing the destructive programs within the critical infrastructure of low -cost equipment in the United States, buy Chinese access to a set of American medical information that can be Restore and assemble them for all types of purposes. Rigi says that data is often transmitted to China with the declared purpose of monitoring the performance of the device, but little is known about what is happening for data that exceeds this.

Rigi says that individuals are not at an acute medical risk as much as the information is collected and collected to reuse the larger medical system. However, it indicates that, at least in theory, it cannot be excluded that prominent Americans with medical devices can target the disorder.

“When we talk to hospitals, the executives were surprised, and they had no idea about the dangers of these devices, so we help them understand. The question about the government is how to stimulate local production, away from abroad,” he said.

Collect Chinese data on Americans

Contestic warning is similar at the general level of Tiktok, Dibsicand TP-Link routersAnd other devices and technology from China that the United States government says it collects data on Americans. “This is all I need to hear in a report if I was going to buy medical devices from China,” he said.

Aras Nazarovas, CyberNews Information Researcher, agrees that the threat of Cisa raises serious issues to be addressed.

“We have a lot of fear,” Nazarovas said. Medical devices, such as contec CMS8000, can often access the patient data very sensitive and connect directly to life saving functions. Nazarovas says that when the devices are defined badly, they become an easy prey for infiltrators who can handle the offered data, change the vital settings, or completely disable the device, “Nazarovas says.

“In some cases, these devices are so badly protected that the attackers can reach a distance and change how the device works without knowing the hospital or patients at all.”

The consequences of exposure to hunting and weakness in a group of Chinese Chinese medical devices can be easily threatened with life. “Imagine a patient screen that stops alerting doctors to a decrease in the patient’s heart rate or sends incorrect readings, which leads to a diagnosis of delay or wrong.” Nazarovas added that contec CMS8000 and Epsimed MN-120 (a different commercial name for the same technology), “can be used as an entry point in the hospital network.”

More hospitals and clinics are attention. Bartette Regional Hospital in Juno, Alaska, Contec, but always looking for risks. “Regular monitoring is very important with the increased risk of cybersecurity attacks on hospitals,” says Irene Hardin, a spokeswoman for Bartlette.

However, regular monitoring may not be sufficient as long as devices are made of bad security.

Kaufman says, which is likely to make matters worse, is that the Ministry of Governmental efficiency surpasses the departments responsible for protecting these devices. According to Associated Press, Many of the recent layoffs in the Food and Drug Administration are employees who review the safety of medical devices.

He says that Kaufman regrets the possible deficiency of government supervision of what is already loosely organized. US government accountability office a report As of January 2022, he indicated that 53 % of connected medical devices and other Internet Internet devices in hospitals were known critical weaknesses. He says the problem has been getting worse since then. “I am not sure, which will let him run these agencies,” Kaufman said.

“The problems of the widespread medical devices have been famous for now,” said Silas Kotler, a security researcher at the medical data company. “The truth is that the consequences can be harsh-even fatal. While prominent individuals are in an increased danger, the most influential are hospital systems themselves, with successive effects on ordinary patients.”