BlueKeep Flaw Still Exposes Medical Devices Running Outdated Windows

Although Microsoft patched the BlueKeep vulnerability last year, more than 55% of medical imaging devices still run outdated Windows versions. These include magnetic resonance imaging (MRI) machines, ultrasound machines, and X-ray machines.

Researchers are concerned that almost half of the connected medical devices in hospitals run outdated Windows versions that remain vulnerable to the remote desktop protocol (RDP) flaw.

According to the researchers, 22% of a typical hospital's Windows devices were vulnerable to BlueKeep; among connected medical devices running Windows, the share was around 45%. Network connectivity is what lets device operators collect and upload data easily. That data is usually used to summarise a patient's medical history, but on a compromised device it can just as easily be exfiltrated and sold on the dark web.

The CyberMDX researchers put it this way in their “2020 Vision” report on medical device security:

“For hospitals, the task of monitoring vulnerabilities, identifying affected devices, chasing down suitable patches, and distributing those patches across a sprawling campus is tedious, to say the least. This process is slow and inefficient, as the hospitals usually do not know which devices or security issues to attend to first.”

In May 2019, Microsoft released patches for BlueKeep (CVE-2019-0708), including unusual out-of-band fixes for the unsupported Windows XP and Windows Server 2003, warning that the flaw was wormable in the same way as the SMB flaw WannaCry had abused. The disclosure of BlueKeep led to a spike in scans for vulnerable systems and, eventually, to active attacks exploiting the flaw. WannaCry, which spread in 2017 through an unrelated SMB vulnerability, interrupted several critical services at NHS hospitals across England, which is why a wormable RDP flaw on hospital networks drew so much attention.

Apart from BlueKeep, the Windows systems that often power medical devices are also exposed to DejaBlue, a set of RDP flaws disclosed in August 2019. Unlike BlueKeep, DejaBlue affects the newer releases: Windows 7, Windows 8.1, and Windows 10, as well as Windows Server 2008 R2, Windows Server 2012, Windows Server 2016, and Windows Server 2019. The same report found 11% of connected medical devices affected by DejaBlue.
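The report's complaint is that hospitals do not know which devices to attend to first. The following triage script is an added example, not code from the article or from CyberMDX: it takes an asset inventory and ranks Windows devices by exposure to the two RDP flaws discussed above. The affected-OS sets follow Microsoft's published lists for BlueKeep (Windows XP through Windows 7 / Server 2008 R2) and DejaBlue (Windows 7 / Server 2008 R2 through Windows 10 / Server 2019), and the patch dates are the May and August 2019 Patch Tuesdays on which the fixes shipped. The inventory records, the field names, and the scoring weights are constructed for illustration; a real deployment would read them from an asset-management export and tune the weights to the hospital's own risk model.

```python
"""Rank Windows-based hospital devices by exposure to BlueKeep and DejaBlue.

Added example (not from the article or the CyberMDX report). The inventory
below is constructed; field names and scoring weights are hypothetical.
"""
from dataclasses import dataclass
from datetime import date
from typing import List, Optional

# Windows releases Microsoft listed as affected by each RDP flaw.
BLUEKEEP_OS = {
    "Windows XP", "Windows Server 2003", "Windows Server 2008",
    "Windows 7", "Windows Server 2008 R2",
}
DEJABLUE_OS = {
    "Windows 7", "Windows Server 2008 R2", "Windows 8.1",
    "Windows Server 2012", "Windows Server 2012 R2", "Windows 10",
    "Windows Server 2016", "Windows Server 2019",
}
# Patch Tuesday dates on which the respective fixes were released.
BLUEKEEP_FIX = date(2019, 5, 14)
DEJABLUE_FIX = date(2019, 8, 13)

# Device classes whose downtime has direct clinical impact (assumed list).
CLINICAL_KINDS = {"MRI", "ultrasound", "x-ray", "infusion pump"}


@dataclass
class Device:
    host: str
    kind: str               # e.g. "MRI", "ultrasound", "workstation"
    os: str                 # Windows release name as in the sets above
    patched_through: date   # newest Windows security update installed
    rdp_exposed: bool       # TCP/3389 reachable from the general hospital LAN
    nla_enabled: bool       # Network Level Authentication (partial mitigation)


@dataclass
class Finding:
    host: str
    flaws: List[str]
    score: int
    action: str


def open_flaws(d: Device) -> List[str]:
    """Return the RDP flaws a device is still missing the fix for."""
    flaws = []
    if d.os in BLUEKEEP_OS and d.patched_through < BLUEKEEP_FIX:
        flaws.append("BlueKeep")
    if d.os in DEJABLUE_OS and d.patched_through < DEJABLUE_FIX:
        flaws.append("DejaBlue")
    return flaws


def assess(d: Device) -> Optional[Finding]:
    """Score an unpatched device; reachability and missing NLA weigh most."""
    flaws = open_flaws(d)
    if not flaws:
        return None
    score = 10 * len(flaws)
    if d.rdp_exposed:
        score += 30          # a wormable flaw only matters if 3389 is reachable
    if not d.nla_enabled:
        score += 20          # NLA forces auth before the vulnerable code path
    if d.kind in CLINICAL_KINDS:
        score += 15          # outage or tampering has patient-safety impact
    if d.rdp_exposed and not d.nla_enabled:
        action = "isolate now: block TCP/3389 at the segment firewall, then patch"
    elif d.rdp_exposed:
        action = "patch this maintenance cycle; NLA only reduces exposure"
    else:
        action = "schedule patch; not reachable over RDP from the hospital LAN"
    return Finding(d.host, flaws, score, action)


def triage(inventory: List[Device]) -> List[Finding]:
    """Highest-risk devices first; ties broken by hostname for stable output."""
    findings = [f for f in map(assess, inventory) if f is not None]
    return sorted(findings, key=lambda f: (-f.score, f.host))


# Constructed inventory: what an asset export for one hospital segment might hold.
SAMPLE_INVENTORY = [
    Device("mri-01", "MRI", "Windows 7", date(2018, 11, 13), True, False),
    Device("us-02", "ultrasound", "Windows XP", date(2014, 4, 8), False, False),
    Device("xray-03", "x-ray", "Windows 10", date(2019, 7, 9), True, True),
    Device("ws-04", "workstation", "Windows 10", date(2020, 1, 14), True, True),
    Device("pacs-05", "server", "Windows Server 2012", date(2019, 6, 11), True, False),
]

if __name__ == "__main__":
    for f in triage(SAMPLE_INVENTORY):
        print(f"{f.score:3d}  {f.host:8s} {', '.join(f.flaws):18s} {f.action}")
```

On the sample data the Windows 7 MRI that is reachable over RDP without NLA lands at the top, the fully patched workstation is not reported at all, and the isolated Windows XP ultrasound machine ranks below an exposed PACS server even though XP can never be brought current; the ordering reflects reachability first, which is the property a network segmentation change can fix immediately while patch windows for clinical equipment are negotiated.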