MaScarPone
MedicAl SCAnneR POwNagE – analysing the IT security of a connected medical device
Context
In hospital context, there is little emphasis put on IT security.
Medical devices are more and more connected and rely on IT. They must therefore be secure enough to assure patients safety also from an IT point of view, which means being resilient to digital threats.
Threats
Most common threats are simple incidents, human mistakes, power surge or outage. However, a more threatening scenario is an attack from hackers.
If a hacker can access the system or network, data may be stolen, vital devices may be blocked, and the hospital and patients lives may be endangered.
Objective
Following the I Am The Cavalry’s “Hippocratic Oath for Connected Medical Devices” [ www.iamthecavalry.org ], the project MaScarPone aims at analysing and enhancing the security of medical devices, and at raising awareness amongst health professionals.
Process
DR (Digital Radiography) systems are becoming very common.
They usually include wireless communication, private data storage and a connected computer, and are physically accessible with few efforts.
Our project’s aim is to assess and test the security of all these elements.