Dawn Kawamoto reports:
An attack on a single IV infusion pump or digital smart pen can be leveraged to a widespread breach that exposes patient records, according to a Spirent SecurityLabs researcher.
Saurabh Harit, managing consultant with Spirent, will present his findings on flaws in IV infusion pumps and digital smart pens at Black Hat Europe this week.
Perpetuators can use this patient information to file false insurance claims as well as to buy medical equipment and drugs using a fake ID. These products are then easily sold on the black market, Harit says. What makes medical data more lucrative than the financial data is the low and slow detection rate of the fraud itself. While a credit card fraud can be detected and blocked in a matter of minutes these days, medical data fraud can go undetected for months, if not more.
Read more on Dark Reading.