Armis is an enterprise-class security platform specifically designed to give security managers better visibility over the various kinds of “smart” devices that exist in their environment. Our unique ability to understand the context of each device lets us detect problems that other security products miss.
Such as when MRI machines are communicating with C&C in Russia.
In a recent customer engagement, Armis found an MRI machine communicating with a destination in Russia. The destination IP address in Russia was not a previously-known malicious destination, so the customer’s firewall did not block it. No security system besides Armis noticed this anomalous behavior.
The MRI machine was running a vulnerable (unpatched) version of Windows XP which had most likely become compromised by an APT that was communicating with command and control (C&C) located in Russia. Armis was able to alert on this activity because our anomaly detection engine knew that this type of communication was uncommon for this type of device.
In fact, many FDA classified medical devices are running older, unpatched operating systems and may be vulnerable to this kind of compromise.
A compromised MRI machine can lead to serious risks, both for the patient and the hospital:
Our recommendations for all healthcare delivery organizations are the following:
For more information about how Armis helps healthcare delivery organizations, check out our white paper.
Sign up to receive the latest news