A vulnerability in the RWHAT networking protocol for Internet of Things (IoT) devices could allow hackers to falsify a patient’s vital signs on their hospital bedside monitor in under five seconds, according to new research from McAfee’s Advanced Threat Research team.
The research, detailed in a Saturday blog post, noted that the attack could be used to cause physical harm to the patient.
Dr. Shaun Nordeck, quoted in the post, said that vital signs are “integral to clinical decision making.” Often, those signs are used to make quick decisions about a patient’s care and, if incorrect, could have dire consequences.
SEE: Electronic data retention policy (Tech Pro Research)
A press email on the research posed the following question: “What if these devices indicate a patient was peacefully resting, when in fact they are under cardiac arrest?”
The vulnerability could also allow rogue devices to be placed on the network as well, and imitate patient monitors, the post noted.
Both emulating a monitor and altering vitals have to do with the handshake that occurs between the bedside monitor and a central monitoring station. The emulation happens by hacking the handshake itself, while the vitals attack happens after the handshake has taken place, the post said.
If changes to vitals occur, they might not always be verified by medical staff. However, if the heart rhythms are altered, for example, it could “lead to extended hospitalization, additional testing, and side effects from medications prescribed to control heart rhythm and/or prevent clots,” Nordeck said in the post.
Nordeck also noted that the hospital could “suffer resource consumption,” as changes in heartbeat could lead to doctors being paged, additional tests being conducted, and more.
The big takeaways for tech leaders:
- A vulnerability in the RWHAT networking protocol for IoT devices puts many medical devices at risk for cyberattack.
- By attacking a vulnerability in the RWHAT networking protocol, hackers can falsify a patient’s vital signs in near real-time.