It’s no surprise that patient health data collected by Chinese-made health monitors is being sent to China through a ‘backdoor’, given the widespread hacking activities in the U.S. Now, not only does China have access to sensitive information like Janet Yellen’s photos, but they also have your blood pressure readings on a random Tuesday.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a warning about the Contec CMS8000 patient monitoring device, revealing that it contains a backdoor that transmits patient data to a remote IP address linked to a Chinese university. This backdoor also allows for remote execution and full control of the patient monitors.
Contec, a China-based healthcare tech company, produces various medical devices, including the CMS8000 monitor. CISA discovered the backdoor in the device’s firmware after being alerted by an external researcher. The firmware enables the device to transmit patient data to the hardcoded IP address upon startup without leaving any logs.
Further investigations by BleepingComputer revealed that the same IP address is linked to other medical devices, including a pregnancy monitor. The FDA confirmed that the backdoor also exists in Epsimed MN-120 monitors, which are rebranded versions of the Contec CMS8000.
According to the BleepingComputer report, the backdoor in the Contec CMS8000 monitor’s firmware allows for the execution of Linux commands that mount a remote NFS share at the hardcoded IP address belonging to the Chinese university. This backdoor poses a significant security risk as it allows for the remote takeover and alteration of the device’s configuration.
CISA emphasized the danger posed by the backdoor, stating that it could potentially allow a third party operating at the hardcoded IP address to take full control of the device remotely. This highlights the importance of vigilance when it comes to cybersecurity in the healthcare industry.
For more technical details on the backdoor found in the healthcare patient monitors, you can refer to the BleepingComputer report here. And as always, be cautious about sharing your personal data online to avoid falling victim to such security breaches.