FDA warns from cybersecurity vulnerabilities in certain GE medical devices

The FDA issued a safety communication alerting health care providers, facilities and patients about cybersecurity vulnerabilities identified for certain GE Healthcare Clinical Information Central Stations and Telemetry Servers. These devices are usually used for displaying patient information (e.g. temperature, heartbeat, blood pressure, etc.), and monitoring patient status from another location such as a nurse’s bay. These vulnerabilities could enable a remote take over of the device to silence alarms, generate false alarms or interfere with the functioning of monitors connected to these devices. So far, no information was received concerning actual harm or malfunction caused by these vulnerabilities.