A popular medical monitor is the latest in China that is under scrutiny for its potential cyber risks. However, this is not the only health device we should focus on. Experts say the spread of Chinese healthcare equipment in the U.S. healthcare system is a reason for concern throughout the ecosystem.
The CONTEC CMS8000 is a popular medical monitor that tracks patient vital signs. The device tracks ECG, heart rate, blood oxygen saturation, non-invasive blood pressure, temperature and respiration rate. In recent months FDA and Cybersecurity and Infrastructure Security Agency (CISA) Warning of the “backdoor” In the device, “easy to explore vulnerabilities that can make bad actors change their configuration”.
CISA’s research team described “abnormal network traffic” and backdoors that allow the device to download and execute unverified remote files “IP addresses that are not related to medical device manufacturers or medical institutions, but third-party universities – “highly unusual” Features “This goes against recognized practice, “especially for medical devices.”
“After performing this function, files on the device are forcibly overwritten, thus preventing end customers (such as hospitals) from maintaining awareness of the software running on the device,” CISA wrote.
Warning that such configuration changes may cause monitors to say the patient’s kidneys are malfunctioning or breathing failure, which may lead to medical staff managing unwanted and unwanted remedies that may be harmful.
CONTEC’s vulnerability is not surprising, and IT experts have warned over the years that medical equipment has been too slack in safety.
Hospitals worry about cyber risks
“It’s a huge gap and is about to explode,” said Christopher Kaufman, a business professor at Westcliff University in Irving, California, who specializes in it and destructive technology, specifically mentioning many Safety gaps in medical equipment.
The American Hospital Association represents more than 5,000 hospitals and clinics in the United States. It believes that the spread of medical equipment in China is a serious threat to the system.
As for the CONTEC monitor, AHA said there is a urgent need to solve the problem.
“We have to put it on the list’s potential; we have to tinker before hacking,” said John Riggi, a national consultant for cybersecurity and risk at the American Hospital Association. Riggi also served as the AHA before joining the AHA. FBI counter-terrorism role.
CISA reported that there are no software patches that can help reduce this risk, but said in its consultation that the government is currently working with CONTEC.
CONTEC, headquartered in Qinhuangdao, China, did not return a request for comment.
One of the questions is how many monitors are unknown in the United States
“We don’t know because of the large amount of equipment in the hospital. We speculate that there are thousands of monitors; this is a very critical vulnerability,” Rigi said. “Technology and supply chain risks.”
In the short term, the FDA recommends that healthcare systems and patients ensure that the device is only running locally or disable any remote monitoring; or, if remote monitoring is the only option, stop using the device when an alternative is available, if there is an alternative. The FDA said that to date, no cybersecurity incidents, injuries or deaths related to vulnerability have been recognized.
The American Hospital Association also told its members that until a patch is available, the hospital should make sure the monitors no longer have access to the internet and break it down from the rest of the network.
While the CONTEC monitor is a classic example we don’t often consider in healthcare risks, it extends to a range of medical devices produced overseas, Rigi said. He explained that large amounts of cash-stitched U.S. hospitals often buy medical equipment from China, a history of installing destructive malware in low-cost U.S. devices, which buys potential U.S. medical information in vital infrastructure Access permissions are repurposed and summarized for various purposes. Riggs said data is usually transmitted to China with the stated purpose of monitoring device performance, but there is little else to know about what happens to the data.
Rigi said individuals have not had as much acute medical risks as they are collected and aggregated information repurposing and putting larger healthcare systems at risk. Nevertheless, he notes that, at least, theoretically, the goal of famous Americans with medical devices cannot be ruled out to cause interference.
“When we talked to the hospital, the CEO was surprised that they didn’t understand the dangers of these devices, so we were helping them understand. The question for the government is how to inspire domestic production, stay away from overseas,” Rich said.
Chinese data collection about Americans
On a general level, CONTEC warnings are similar to Tiktok, DeepSeek,,,,, TP link routerAnd other equipment and technologies in China are collecting data about Americans as the U.S. government says. “That’s what I need to hear when I decide whether to buy medical equipment from China,” Rigi said.
Cybernews’ information security researcher Aras Nazarovas agrees that the CISA threat raises serious issues that need to be addressed.
“We have a lot to fear,” Nazarova said. Like the CONTEC CMS8000, medical devices often have access to highly sensitive patient data and are directly connected to life-saving functions. Nazarovas said that when devices have poor defense, they become easy to prey for hackers who can manipulate displayed data, change important settings, or disable devices altogether.
“In some cases, these devices are so poorly protected that the attacker can access remotely and change how the devices operate without the hospital or patient knowing it,” Nazarovas said.
The focus vulnerability and the consequences of vulnerability in a range of medical devices made in China are easily life-threatening.
“Imagine, patient monitors, which stop reminding doctors to drop the patient’s heart rate or send incorrect readings, resulting in delays or incorrect diagnosis,” Nazarovs said. For CONTEC CMS8000 and EPSIMED MN-1220 (same technology ) The device has been configured to allow remote code execution by a remote server.
“This feature can be used as an entry point to access the hospital network,” Nazarovas said.
More hospitals and clinics are paying attention. Bartlett Regional Hospital in Juneau, Alaska does not use CONTEC monitors, but is always looking for risks. “Regular monitoring is crucial because the risk of cybersecurity attacks continues to increase,” said Bartlett spokesman Erin Hardin.
However, as long as the device is poorly secure, conventional surveillance may not be enough.
Kaufman said it is possible to make things worse, and that the government’s Ministry of Efficiency is hollowing out the department responsible for protecting such equipment. According to the Associated Press, Many of the FDA’s recent layoffs are employees who review the safety of medical equipment.
Kaufman told him that it is a loose industry and may regret the existing industry. U.S. Government Accountability Office Report As of January 2022, it was noted that 53% of connected medical devices and other IoT devices in hospitals are known to be critical vulnerabilities. He said that since then, the problem has become worse. “I’m not sure what will run these institutions and what they will leave,” Kaufman said.
“Medical device problems have been widespread and have been famous for some time,” said Silas Cutler, chief security researcher at medical data company Censys. “The reality is that the consequences can be terrible, even fatal,” said Silas Cutler, chief security researcher at medical data company Censys. . While high-profile people are at higher risk, the most affected will be the hospital system itself, which has a cascading impact on daily patients.”
