The website of the Clinical Services Journal

Cyber security risks in medical equipment

The WannaCry ransomware attack caused chaos for those attempting to assess the vulnerability of medical equipment. Paul A Blackett, medical engineering operations manager and M.Wilkinson, medical engineering projects and planning officer at Lancashire Teaching Hospitals NHS Foundation Trust, provide insight into a classification system that has been developed to aid practical assessments.

The Attack

Those unfortunate enough to be caught up in the WannaCry ransomware attack in May 2017 will no doubt remember the difficulties in assessing if medical equipment was going to be vulnerable to infection. It was a sharp wake up call for many people. According to DigitalHealth (2017), at least 1220 pieces of NHS diagnostic equipment were affected by the outbreak.

The initial response to such an attack is often to disconnect network connections as quickly as possible, whether or not equipment is vulnerable to such attacks. Although this reduces the risk of possible infection, it also severely restricts the usefulness of this medical equipment in the clinical pathway and in some cases a quick disconnection cannot be done easily due to ‘always on’ wifi connectivity in use. With the increased focus on cyber security in the world of internet connected technologies, obviously a good understanding of medical equipment cyber-vulnerabilities has to be obtained to respond in an efficient, safe and controlled manner. Without this understanding, expensive medical equipment might be needlessly isolated or remain unused until investigation is undertaken and it is either cleared for use, or patched, affecting the care available to patients.

Log in or register FREE to read the rest

This story is Premium Content and is only available to registered users. Please log in at the top of the page to view the full text. If you don't already have an account, please register with us completely free of charge.
Register

Upcoming Events

Central Sterilising Club - Annual Scientific Meeting 2024

Crowne Plaza at Gerrard’s Cross
15th April 2024 – 16th April 2024

DECON UK 2024

National Conference Centre, Birmingham
17th April 2024

Infection Prevention & Control

National Conference Centre, Birmingham
23rd - 24th April 2024

Theatres & Decontamination Conference 2024

Coventry Building Society Arena
16th May 2024

The AfPP Roadshow - Birmingham

Millennium Point, Birmingham
18th May 2024

The AfPP Roadshow - Exeter

University of Exeter
22nd June 2024

Access the latest issue of Clinical Services Journal on your mobile device together with an archive of back issues.

Download the FREE Clinical Services Journal app from your device's App store

Upcoming Events

Central Sterilising Club - Annual Scientific Meeting 2024

Crowne Plaza at Gerrard’s Cross
15th April 2024 – 16th April 2024

DECON UK 2024

National Conference Centre, Birmingham
17th April 2024

Infection Prevention & Control

National Conference Centre, Birmingham
23rd - 24th April 2024

Theatres & Decontamination Conference 2024

Coventry Building Society Arena
16th May 2024

The AfPP Roadshow - Birmingham

Millennium Point, Birmingham
18th May 2024

The AfPP Roadshow - Exeter

University of Exeter
22nd June 2024

Access the latest issue of Clinical Services Journal on your mobile device together with an archive of back issues.

Download the FREE Clinical Services Journal app from your device's App store

Step Communications Ltd, Step House, North Farm Road, Tunbridge Wells, Kent TN2 3DR
Tel: 01892 779999
www.step-communications.com
© 2024 Step Communications Ltd. Registered in England. Registration Number 3893025