News, Culture & Society

Hacker alert for hospitals as report warns devices could be hit

HACKERS could turn off life-saving medical devices in hospital connected to the internet, a report warns.

Internet enabled devices in hospitals and the home are vulnerable to being hacked and could put people’s lives at risk, the report warns.

Now a report by the Royal Academy of Engineering warns that not enough is being done to protect the UK from a hostile cyber-strike.

Ever greater numbers of devices are have been identified as being at risks (file picture)

The report said: ‘Cyberattacks on connected health devices are of increasing concern as they could have severe consequences on patient safety.

‘Ever greater numbers of health devices have been identified as being potentially at risk, including pacemakers and MRI scanners.’   

Interfering with an MRI scanner over the internet could create a false reading – suggesting a result was clear when it was not – or the opposite.

Other devices include drug pumps – allowing remotely based wrongdoers to cause fatal overdoses.’

One of the report’s authors, Paul Taylor, lead partner in Cyber Security at KPMG said: ‘Government needs to consider whether existing regulation is fit for purpose’.

The report is of concern as the NHS is already aware of its vulnerability to cyber attack.

Hackers last year affected a third of NHS trusts in England – which were targeted with ‘ransom’ software called WannaCry, resulting in 6,900 NHS appointments being cancelled.

The government needs to consider whether its defences against cyber attack are adequate (file picture)

The government needs to consider whether its defences against cyber attack are adequate (file picture)

As well as potentially being used by an attack by a foreign government – internet enabled devices can be used as a way in to access data, the report said.

Researchers warned that internet enabled devices could easily be hi-jacked so that people could spy on your home – for instance ‘smart’ lightbulbs that can be controlled by voice commands could be used to listen in to conversations.

Electricity sockets that can be switched on remotely could turn on appliances which could cause fires.

Professor Nick Jennings, Vice Provost at Imperial College London, lead author of the report said that manufacturers and retailers need to make sure all internet-enabled products are safe.

Simple steps can prevent home internet devices being hijacked, Professor Jennings said.

He said: ‘Don’t give guests your wifi password. My son brings over his friends and they all seem quite nice.

‘But they could all be budding hackers and could misuse your network. Or they could pass on the password.

‘So I would recommend people set up a guest network in their house – and let guests log into that.’ He said most Wifi routers can be set up to run two networks – one for guests and a private one – and this would make it difficult for any guests to steal data – or control internet-enabled devices.

But he conceded that ‘most people don’t have the skills required to set these things up’ ‘It is worrying that there is a low level of data literacy. We should be teaching it from primary school.’ He added that internet products should have a ‘kite-mark’ that showed they have been set up to be hard to hack into.