Texas Medical Group Blog

All You Ever Wanted to Know About Insurance

Health Care Risk Insights: Cyber Security

Cyber Security for Medical Devices and Hospital Networks

Many medical devices contain configurable embedded computer systems that can be vulnerable to cyber-security breaches. In addition, as medical devices are increasingly interconnected via the Internet, hospital networks, other medical devices or smartphones, there is an increased risk of cyber-security breaches, which could affect how a medical device operates.

The U.S. Food and Drug Administration (FDA) has recently become aware of cyber-security vulnerabilities and incidents that could directly affect medical devices or hospital network operations, such as the following:

  • Network-connected or network-configured medical devices infected or disabled by malware
  • The presence of malware on hospital computers, smartphones and tablets, targeting mobile devices using wireless technology to access patient data, monitoring systems and implanted patient devices
  • Uncontrolled distribution of passwords, disabled passwords, hard-coded passwords for software intended for privileged device access (e.g., to administrative, technical and maintenance personnel)
  • Failure to provide timely security software updates and patches to medical devices and networks, and failure to address related vulnerabilities in older medical device models (legacy devices)
  • Security vulnerabilities in off-the-shelf software that is intended to prevent unauthorized device or network access, such as plain-text or no authentication, hard-coded passwords, service accounts documented in service manuals, and poor coding/SQL injection


FDA Recommendations/Actions

The FDA has made several recommendations to mitigate the risks that technology can pose to health care facilities.

For all device manufacturers:

Manufacturers are responsible for remaining vigilant about identifying risks and hazards associated with their medical devices, including risks related to cyber security, and are responsible for putting appropriate mitigations in place to address patient safety concerns and ensure proper device performance.

The FDA expects medical device manufacturers to take appropriate steps to limit the opportunities for unauthorized access to medical devices. Specifically, it recommends that manufacturers review their cyber-security practices and policies to ensure that appropriate safeguards are in place to prevent unauthorized access to or modification of their medical devices, or compromise of the security of the hospital network that may be connected to the device. The extent to which security controls are needed will depend on the medical device, its environment of use, the type and probability of the risks to which it is exposed, and the probable risks to patients from a security breach.

In evaluating your device, consider doing the following:

  • Take steps to limit unauthorized device access to trusted users only, particularly for those devices that are life-sustaining or could be directly connected to hospital networks.
  • Appropriate security controls may include user authentication, such as user ID and password, smartcard, or biometrics; strengthening password protection by avoiding hard-coded passwords and limiting public access to passwords used for technical device access; physical locks; card readers; and guards.
  • Protect individual components from exploitation and develop strategies for active security protection appropriate for the device's use environment. Such strategies should include timely deployment of routine, validated security patches and methods to restrict software or firmware updates to authenticated code. The FDA typically does not need to review or approve medical device software changes made solely to strengthen cyber security.
  • Use design approaches that maintain a device’s critical functionality, even when security has been compromised, known as “fail-safe modes.”
  • Provide methods for retention and recovery after an incident in which security has been compromised.
  • Because cyber-security incidents are increasingly likely, manufacturers should consider incident response plans that address the possibility of degraded operation and of effective restoration and recovery.

For health care facilities:

The FDA recommends that you take steps to evaluate your network security and protect your hospital system. In evaluating network security, hospitals and health care facilities should consider doing the following:

  • Restricting unauthorized access to the network and networked medical devices
  • Ensuring that appropriate antivirus software and firewalls are up to date
  • Monitoring network activity for unauthorized use
  • Protecting individual network components through routine and periodic evaluation, including updating security patches and disabling all unnecessary ports and services
  • Contacting the specific device manufacturer if you think you may have a cyber-security problem related to a medical device
    • If you are unable to determine the manufacturer or cannot contact the manufacturer, the FDA may be able to assist in vulnerability reporting and resolution.
  • Developing and evaluating strategies to maintain critical functionality during adverse conditions


Reporting Problems to the FDA

Prompt reporting of adverse events can help the FDA identify and better understand the risks associated with medical devices. If you suspect that a cyber-security event has impacted the performance of a medical device or has impacted a hospital network system, file a voluntary report through MedWatch, the FDA Safety Information and Adverse Event Reporting program.

Health care personnel employed by facilities that are subject to the FDA's user facility reporting requirements should follow the reporting procedures established by their facilities.

Device manufacturers must comply with the Medical Device Reporting (MDR) regulations.

This Risk Insight is not intended to be exhaustive, nor should any discussion or opinions be construed as legal advice. Readers should contact legal counsel or an insurance professional for appropriate advice. Design © 2013 Zywave, Inc. All rights reserved.
