Connect with us

Technology

Hospital robots face attack by hackers after critical security flaws found, experts warn

SERVERS that control robots working in hospitals were found to have major gaps in security coding.

The robots perform menial tasks like delivering medications and transporting materials across hospitals but could be exploited to do harm.

The healthcare sector is becoming increasingly accepting of robots undertaking tasks normally done by humans

Aethon TUG smart autonomous robots are a cost-effective way for hospitals and other businesses to delegate simple tasks away from busy human employees.

They can lift hundreds of pounds, clean floors and execute other maintenance-adjacent tasks.

To navigate, the TUG robot uses radio waves to tap into a given hospital’s network of motion sensor doors and elevators.

Because of their ability to bypass security clearances and access medicines or rooms not afforded to a regular visitor, the thousands of TUG robots in US hospitals are a keen target for hackers.

Read More in Cybercrime and Hacking

CYBER WAR

Anonymous leaks ‘776GB of Kremlin files’ after hacking Russian database

PASSWORD PROTECT

1 BILLION iPhone users urged to change settings now over cyber fears

A major security vulnerability was first flagged by Cynerio, a cybersecurity company that works specifically in the healthcare sector.

Cynerio dubbed the collection of five different security gaps JekyllBot:5.

JekyllBot:5 is what computer scientists call a “zero-day vulnerability” – a term for a flaw that has no existing patch.

The Independent quoted the head of Cynerio’s cyber network analysis saying “These zero-day vulnerabilities required a very low skill set for exploitation, no special privileges, and no user interaction to be successfully leveraged in an attack.”


The TUG robots most at risk were the ones actively connected to the internet.

Cynerio published a report on JekyllBot:5’s capabilities divided the risks into two categories: risk of unauthorized control of the robots and risk of malware installation.

The company wrote that the robots could have been used to give hackers “an access point to laterally move through hospital networks, perform reconnaissance, and eventually carry out ransomware attacks, breaches, and other threats.”

The robots were taken offline to prevent hackers from accessing them and work on applying fixes.

Read More on The US Sun

LONE ‘SHOOTER’

Subway suspect’s sister reveals moment she found out he is wanted for attack

DOUBLE DEATH

Two kids found dead with arms, legs, and neck tied after hang-up 911 calls

Hospitals using TUG robots are advised to see that their bots are patched with the latest firmware and software available.

Peter Seiff, the CEO of ST Engineering Aethon, refused to answer questions posed by TechCrunch regarding the progress of security patch installation.

We pay for your stories!

Do you have a story for The US Sun team?

Email us at exclusive@the-sun.com or call 212 416 4552.

Like us on Facebook at www.facebook.com/TheSunUS and follow us from our main Twitter account at @TheSunUS