In hospitals, connected objects are everywhere. On average, a patient’s room would contain six. A resuscitation room, a dozen. In recent years, hi-tech has been spreading in all departments for better patient care.
But there is a flip side : connected objects would be cybervulnerable. The number of hospitals affected by cyberattacks continues to grow. A pacemaker, for example, uses wireless communication technology that has security vulnerabilities. In theory, a hacker could easily take control of it. Fact or fiction? According to a specialist interviewed by “Complément d’Enquête”, “we are closer to reality than fiction“.
When a whistleblower puts himself in the shoes of a pirate…
To demonstrate this, the magazine contacted a whistleblower. Near Clermont-Ferrand, Charles Blanc Rolin manages the computer security of six establishments. And he would like the hospital services, but also the authorities, to become aware of the danger. So he put himself in the shoes of a pirate… and took control of a machine – in this case, a surveillance monitor.
All hospital rooms contain one, connected to another in the nurses’ room. An essential device for viewing vital signs such as heart rate at a glance. Using two of these monitors, Charles Blanc Rolin shows how easy it is to “make the doctor think that the patient is fine when he is not, or vice versa“.
… to show the vulnerability of certain devices
After deactivating the first monitor, it simply sends the second… false values (for example a heart rate of 160 beats per minute instead of 50). “Someone with bad intentions who manages to enter the hospital network, physically or remotely through a compromised computer, could carry out the same type of attack.“, he says.
Because of vulnerable devices, would a hacker have the right to life or death over the patient? In any case, devices that present this type of vulnerability, the whistleblower claims to have seen in service recently in certain hospitals…
Excerpt from “Hackers: the new robbers”, a document to be reviewed in “Complementary investigation” on November 10, 2022.
> Replays of France Télévisions news magazines are available on the Franceinfo website and its mobile application (iOS & Android), “Magazines” section.