Autonomous robots used in hundreds of hospitals at risk of remote hijacks

Autonomous robots

Adecade ago security researcher Barnaby Jack famously wirelessly hacked a hospital insulin pump live on stage in front of hundreds of people to demonstrate how easily it could be compromised to deliver a lethal dose of medication. In the years that have passed, medical device security has gotten better, albeit with an occasional high-profile hiccup. But researchers are now finding vulnerabilities in newer hospital technologies that weren’t as ubiquitous a decade ago.

Enter autonomous hospital robots, the supposed-to-be-friendly self-controlled digital workhorses that can transport medications, bed linens, food, medications and laboratory specimens across a hospital campus. These robots, such as the ones built by robot maker Aethon, are equipped with the space to transport critical goods and security access to enter restricted parts of the hospital and ride elevators, all while cutting labor costs.

But researchers at Cynerio, a cybersecurity startup focused on securing hospital and healthcare systems, discovered a set of five never-before-seen vulnerabilities in Aethon robots, which they say allowed malicious hackers to remotely hijack and control these autonomous robots — and in some cases over the internet.

Read more