Geo-Poli-Cyber Risks Increased by Critical Bug Set ‘PwnedPiper’ that has already compromised major hospitals in North America.

Critical Bug Set ‘PwnedPiper’ that is already impacting major hospitals in North America provides a vulnerability that can be exploited by Geo-Poli-Cyber motivated Hackers.

Pneumatic tube system (PTS) stations used in thousands of hospitals worldwide are vulnerable to a set of nine critical security issues collectively referred to as PwnedPiper.

PTS solutions are part of a hospital’s critical infrastructure as they are used to quickly deliver items like blood, tissue, lab samples, or medication to where they’re needed.

The flaws are in some of Swisslog's TransLogic Pneumatic Tube Systems, an automated material transport solution for carrying medical items across longer distances in medium to large hospitals.

According to the maker, TransLogic PTS is present in more than 2,300 hospitals in North America and more than 3,000 units worldwide benefit from 24/7 customer support.

Critical bug left unpatched

Research from Armis, a connected device security company, revealed that an unauthenticated attacker could gain full control over some TransLogic PTS stations connected to the internet and then take over the entire PTS network of a target hospital.

Specifically, the company discovered nine critical vulnerabilities in the firmware powering the Nexus Control Panel for managing “all current models of Translogic PTS stations.”

While not all the issues could be exploited by a remote attacker, their severity level remains high, given a PTS’ role in a hospital.

Swisslog acknowledged the security issues and says that they impact the HMI-3 circuit board in Nexus Panels connected to the internet. The company notes in an advisory this weekend that the affected PTS products “are deployed primarily in hospitals within North America.”

Jennie McQuade, Chief Privacy Officer for Swisslog Healthcare, says that the security issues are not present unless a mix of variables exists.

“The potential for pneumatic tube stations (where the firmware is deployed) to be compromised is dependent on a bad actor who has access to the facility’s information technology network and who could cause additional damage by leveraging these exploits” – Swisslog

Armis found many other vulnerabilities which, if left unpatched, can allow hackers of all motivations to breach their targets. One of the most severe is CVE-2021-37160.

This is because it allows unencrypted, unauthenticated firmware upgrades on the Nexus Control Panel. An attacker could leverage it to install malicious firmware on the system, essentially taking full control over it.

These vulnerabilities came to light on May 1 and have persisted since. Viable patches tried to fix the issue as a mitigation step for hospitals were unable to apply the fix right away.

Protecting against PwnedPiper vulnerabilities

Hospitals need to address this as soon as possible, though many are finding it hard to install the latest firmware update for TransLogic.

Those who are struggling with applying the needed fix can contact Survivability News or MLi Group for assistance.

What Are Geo-Poli-Cyber™ (GPCyber™) Warfare, Risks & Threats?

Definition

Geo-Poli-Cyber™ warfare has spread worldwide in recent years and is impacting everyone without exception through cyber attacks that are political, ideological, terrorist, extremist, ‘religious’ and/or geo-politically motivated. They are perpetrated by political and extremist groups, national security agencies and/or their proxies, and lone wolves.

Cyber security strategies and solutions that are followed like gospel have failed and will continue to fail to mitigate, defend and protect national sovereignty and corporate security from Geo-Poli-Cyber™ attacks on unprecedented scales and with devastating political, social, and financial consequences.

More Sinister and Destructive Than Financial Motivations

Geo-Poli-Cyber™ attacks are significantly different from financially motivated cyber-attacks in damage, scale, magnitude and require different and upscaled risk mitigation strategies and solutions.

Why Do Existing Strategies & Solutions Keep Failing?

MLi Group chairman Khaled Fattal created the terms Poli-Cyber™ and Geo-Poli-Cyber™ (GPCyber™) back in 2012 because of seismic game-changing events he had observed years before. Fattal believed that these events and trends will cause …
