[ISN] VA Security Compromised By Medical Devices

From: InfoSec News <alerts_at_private>
Date: Wed, 26 May 2010 00:46:34 -0500 (CDT)
http://www.informationweek.com/news/healthcare/security-privacy/showArticle.jhtml?articleID=225200097

By Nicole Lewis
InformationWeek
May 25, 2010

At a congressional hearing last week, Roger Baker, assistant secretary 
for information and technology at the Department of Veterans Affairs, 
said during the past 14 months more than 122 medical devices have been 
compromised by malware.

Baker, who testified before the House Committee on Veterans' Affairs 
Subcommittee on Oversight and Investigations, said one of the "critical 
challenges" facing the department is protecting its medical devices from 
cyber threats.

"The major challenge with securing medical devices is that, because 
their operation must be certified, the application of operating system 
patches and malware protection updates is tightly restricted," Baker 
said. "This inherent vulnerability can increase the potential for cyber 
attacks on the VA trusted network by creating risk to patient safety," 
Baker added.

The VA defines a medical device as any device used in patient healthcare 
for diagnoses, treatment, or monitoring, or that has gone through the 
Food and Drug Administration's premarket review process. The VA is the 
federal government's largest medical care provider and has more than 
50,000 networked medical devices.

[...]


_______________________________________________
Best Selling Security Books and More!
Shop InfoSec News
http://www.shopinfosecnews.org/ 
Received on Tue May 25 2010 - 22:46:34 PDT

This archive was generated by hypermail 2.2.0 : Tue May 25 2010 - 22:52:25 PDT