The FDA is aware that computer viruses and other malware increasingly are infecting equipment such as CT scans and devices in cardiac catheterization labs and hospital computers used to view X-rays . The problems can cause the equipment to slow down or shut off, complicating patient care. The tight interconnection of health devices on the computer systems of Hospitals and in the Internet, could cause serious harm in the hands of hackers and cyberterrorists.
Therefore, the FDA, in order to prevent more risks, is pressing directing device manufacturers to find ways to address cybersecurity. FDA is preparing guidelines that will allow them to block approval of devices if manufacturers don’t provide adequate security plans for protecting them. The FDA also issued a safety communication both to producers of health devices and hospitals.
In addition to viruses and malware, security risks include the uncontrolled distribution of passwords for software that is supposed to be accessed only by a few people and the failure by manufacturers to provide timely security software updates.
In a public alert Thursday, the DHS Department of Homeland Security, which is working with the FDA, alerted that unauthorized access to passwords could allow critical settings to be changed, affecting how devices operate and what they do.