Cybersecurity

6335 readers

399 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 2 years ago

MODERATORS

kid

[email protected]

Backdoor found in two healthcare patient monitors, linked to IP in China (www.bleepingcomputer.com)

submitted 2 weeks ago by kid to c/cybersecurity

17 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] TheOSINTguy 24 points 2 weeks ago (2 children)

Those things shouldn't even be connected to the internet.

[–] IrateAnteater 13 points 2 weeks ago (1 children)

Might not be. This could have simply been some IT guy noticing that something kept trying to ping the outside world.

[–] Ajen 0 points 2 weeks ago (1 children)

The only way some IT guy can notice it pinging the outside world is if it's connected to the internet.

[–] IrateAnteater 2 points 2 weeks ago (1 children)

Depends on the router it's hooked to and the level of traffic logging being performed. Being connected to a LAN is not the same as being connected to the internet.

[–] Ajen 0 points 2 weeks ago (1 children)

No, it doesn't depend on the router. The device can either send traffic to other devices on the internet or it can't. If the device can ping something on the internet, then it is connected to the internet. It's a tautology.

[–] IrateAnteater 2 points 2 weeks ago (1 children)

All traffic from that device is going to pass through the router. In order to start communicating with the other device, the first device has to send a packet. The router sees that packet, and routes it to the other device. If there's no internet connection, things die here, but the router still saw that initial packet.

[–] Ajen 1 points 2 weeks ago (1 children)

Sorry, I realized I misread your earlier post. I missed the word "trying," and it sounded like your were saying the device might not be connected to the internet even though it's successfully pinging a server.

[–] IrateAnteater 1 points 2 weeks ago

Lol, no worries.

[–] [email protected] 8 points 2 weeks ago (1 children)

They connect to allow the vitals to be pulled into the EMR to allow continuous documentation of vitals for the anesthesia record or central patient monitoring. More and more frequently, the database is not onsite and is shared amongst several sites within a hospital system.

[–] [email protected] 10 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

But the device itself shouldn't need internet connectivity for this. That networking should be handled by a local master device, the same way access control systems (e.g. Door badge readers, alarm monitoring, etc) work.

Then this device would only use a local, isolated network to access the master device.

[–] [email protected] 3 points 2 weeks ago

Agreed. Network connected to an isolation vlan without internet access