Cybersecurity vulnerabilities revealed in General Electric anesthesia devices

General Electric (GE) Healthcare and the US Department of Homeland Security each issued advisories alerting healthcare organisations about a security vulnerability discovered in GE anesthesia devices. This vulnerability could enable an attacker to remotely control and change the parameters of an anesthesia device. According to the recommended mitigation steps, health organisations should only use secure terminal servers when connecting these devices to TCP/IP networks.