Researchers at Forescout Research Labs, with support from Medigate Labs, discovered vulnerabilities affecting the Nucleus TCP/IP stack, software that powers devices across the health care system. The lab discovered a set of 13 new vulnerabilities, which could lead to remote code execution, denial of service, and information leaks. The vulnerabilities have been named NUCLEUS:13.
Nucleus, a real-time operating system (RTOS), is used in safety-critical devices such as anesthesia machines and patient monitors. The system powers devices that are extensively used in the health care, automotive, industrial, and aerospace industries. Siemens (which acquired Nucleus in 2017) has released patches for all the vulnerabilities.
Forescout published NUCLEUS:13, a study of 13 vulnerabilities affecting the Nucleus TCP/IP stack that could put billions of devices at risk, including medical, automotive and industrial systems https://t.co/yBvIx9xPyN
— Forescout (@Forescout) November 10, 2021
The vulnerability was discovered under a Forescout Research Labs initiative named Project Memoria, in which industry peers and academia came together to analyze the security of multiple TCP/IP stacks. Other vulnerability studies published under the project include AMNESIA:33, NUMBER:JACK, NAME:WRECK, and INFRA:HALT. The project ran over a period of 18 months and exposed a total of 97 vulnerabilities affecting 14 TCP/IP stacks.
If exploited, the vulnerability could cause critical health care systems such as monitoring machines, imaging machines, and life support systems to crash.
The health care sector has been a constant target of cyberattacks, especially during the pandemic, when the vulnerabilities were more evident and easily exploited.
Roman Zhidkov, CTO, DDI development, in an exclusive article for CISO MAG, opined, “Health data security is an even more important issue to focus on than financial data security. Because often it is much harder, frustrating, costly, and time-consuming to correct and restore health data. Medical records, when breached, cannot be changed or cleaned at the touch of a button – the damage is irreversible. For health care organizations, a health data breach can be financially and reputationally destructive and lead to shut down.”
A study conducted by Armis revealed that 85% of IT professional respondents saw an increase in cyber risk over the past 12 months, and 58% of IT pros in health care stated that their organization had been hit with ransomware. Increased digitization and remote health monitoring have resulted in a significant surge in connected devices, expanding the attack surface.