Les pacemakers ne sont pas les rois de la cyber-sécurité

A l’instar des objets connectés, les pacemakers doivent encore faire de gros effort en matière de cyber-sécurité. Une récente étude  montre en effet que de nombreuses failles sont présentes dans les librairies et méthodes de programmation utilisées pour concevoir ces produits.

un petit clic pour ma veille

All of the pacemaker systems examined also had unencrypted file systems on removable media. And as far as the software goes, Rios and Butts discovered more than 8,000 known vulnerabilities in third-party libraries used across the programmers from each manufacturer. The researchers said all issues were, or will be, reported to the Department of Homeland Security’s Industrial Control System CERT.

Pacemaker Ecosystem Fails its Cybersecurity Checkup

Pacemakers and pacemaker programmers lack authentication and are plagued with thousands of software vulnerabilities across leading manufacturers. Pacemakers continue to be the front line of medical device security debates after a research paper published this week described a frightening list of cybersecurity issues plaguing devices built by leading manufacturers, including a lack of authentication and encryption, and the use of third-party software libraries ravaged by thousands of vulnerabilities.

Pour vous faire peur, l’étude est disponible ici:

Cliquer pour accéder à Pacemaker-Ecosystem-Evaluation.pdf

Veilleur et spécialiste en cybersécurité

Newsletter

Me suivre: