Identifying Malware on a Medical Device

Medical device security has been a hot topic for a while, but I regularly still hear from some that it’s not important because medical devices aren’t actually targeted by malware1, nor are they regularly attacked. Much like people who don’t want to go to the doctor to confirm their fears of being sick. They know they are susceptible to falling ill however they feel if they ignore it, the issue will go away. The same sentiment applies to medical device security. Issues do arise and it’s imperative to address them immediately. Knowledge is power and will enable you to make strategic decisions for the health of your medical devices and ultimately your patients.

In the same way, we go in for a physical, it’s important to have your medical devices checked up on a periodic basis for security. But much like coming down with an infection, it’s important to know the symptoms of an attack against your medical device.

Symptoms can differ from device to device. But you should keep your eye out for the following 7 symptoms:

  1. Any pop-ups that you aren’t used to seeing
  2. Sluggish speeds
  3. Abnormally long boot-up times
  4. Sudden loss of hard drive space
  5. Very slow image or other transmissions compared to other like devices
  6. Notices that your antivirus is not working
  7. Notices that a virus has been detected

When any of these events occur, it’s important to call Clinical Engineering or a Medical Device Cyber Security expert. They will be able to determine if a device is just running slow today or if there’s a real problem.

Medical devices are targeted and medical devices are infected with viruses. But if your facility isn’t regularly testing and monitoring for viruses, you may have a virus and not even know it. If you need help, CE-Tech can help you check your machines for viruses and implement best practices to prevent infections from occurring. With diligence, your machines won’t look like this:


Medrad Injector infected with the WannaCry ransomware

1This terribly false statement that medical devices are not targeted by attackers leads many to not consider securing their medical devices. But groups like Orangeworm are definitely attacking medical devices. Don’t let this happen to your devices!


Written by IT Manager, Ben Archambault