Re: It definitely takes
My apologies to those of gentle minds but messing with these machines could cause the death of people
So, what do we do with those who hack SCADA? An explosion at a power station can do damage on an order of magnitude higher than hacking a single medical device (or even class of). The Philip IV the fair treatment for state treason? For those of us who do not read history that is: "quarter, skin, castrate, gut, and hang the remains".
So what about those who hack cars, aircraft, traffic control systems, satellite communications?
This is is a slippery slope and what makes it doubly slippery is the fact that medical equipment manufacturers are pathological in making their equipment insecure and impossible to secure. One of the reasons for the severity of the NHS Wannacry outbreak was the tens of thousands (if not more) radiography, CAT scan, etc machines which were all running Windoze and were OFF LIMITS to patching. You could not patch them period - only the stock OS as shipped was allowed to be used and the manufacturers never ever verified a single MS hotfix. Sure, in that case NHS IT itself was at fault for putting them on a flat network and not firewalling them. However, in real life you simply cannot firewall everything. That approach does not work (especially for things like monitors, sensors and smart pump/drug delivery systems).
So someone HAS TO HACK them and take to task the idiots who have shipped defective and substandard equipment out there. As long as there is no damage to the individuals using the equipment and the only ones "suffering" are the idiots who write software for it, I am all for hacking medical kit. We need more of it - so that regulators finally start paying attention.
Biting the hand that feeds IT
