The RAPS store will be under maintenance Saturday, 29 February between 6 AM and 12 PM EST. Store functionality may be unavailable at times during this window.
We apologize for any inconvenience caused during this time.

Regulatory Focus™ > News Articles > 2020 > 1 > FDA Warns of Cyber Risks With Certain GE Devices

FDA Warns of Cyber Risks With Certain GE Devices

Posted 23 January 2020 | By Zachary Brennan 

FDA Warns of Cyber Risks With Certain GE Devices

The US Food and Drug Administration (FDA) on Thursday warned that several GE Healthcare devices could be hacked to silence alarms connected to the devices, generate false alarms and interfere with alarms of patient monitors connected to these devices.

The warning concerns GE’s Clinical Information Central Stations and Telemetry Servers, which FDA says are mostly used for displaying information such as a patient’s temperature, heartbeat and blood pressure, as well as monitoring a patient’s status from a central location in a facility, such as a nurse’s workstation.

The vulnerabilities were first reported to GE by the security firm CyberMDX, although GE said there have been no reported cyberattacks or any reported injuries associated with any of these vulnerabilities. The company also said the devices can continue to be used and hospitals should properly configure the devices’ Mission Critical (MC) and/or Information Exchange (IX) networks to ensure their isolation so that a potential hacker would need to gain physical access to the devices in order to exploit them.

GE also said it is developing software updates/patches including additional security enhancements that will be made available. 

Recently, FDA has also raised concerns and alerted medical device manufacturers and other stakeholders to 11 cyber vulnerabilities, in addition to specific ones for Medtronic insulin pumps and implantable cardiac devices.

FDA

GE Update

FDA on Cybersecurity
 

Regulatory Focus newsletters

All the biggest regulatory news and happenings.

Subscribe