This vulnerability, if exploited, could allow hackers to modify or steal patients’ sensitive medical data from Illumina’s DNA sequencing devices. This information could then be used to harm the patients’ health or even sell the data on the black market. Healthcare providers and researchers need to be aware of this critical software vulnerability and update their devices as soon as possible in order to protect their patients’ data.
Most device vulnerabilities pose a low risk to users, but this particular flaw could be exploited by hackers to gain remote access to devices without needing a password. If exploited, this vulnerability could allow cybercriminals to steal personal or sensitive information from affected devices, or even take control of them and use them for malicious purposes. Device owners should keep their software and firmware updates up-to-date and ensure that they’re using strong passwords across all their online accounts to help protect themselves from potential attacks.
Web browsers are not the only potential targets of hackers. Operating systems, including Apple’s macOS, are also susceptible to attack by malicious code uploaded by an attacker. This vulnerability could be exploited in a number of ways, such as via an infected website or email, or through malware installed on the target computer.
The vulnerabilities could allow unauthorized access to user data, including clinic patient details and research results. Illumina is currently aware of two separate but potentially damaging vulnerabilities in MiSeq and NovaSeq systems. If exploited, these vulns could let someone gain privileged access to system files or manipulate the sequencing process, potentially causing damage to patient data. In both cases, a malicious actor gaining control of an affected machine would also have potential access to sensitive images and other valuable data stored on the machine.
Although Illumina has not received any reports indicating that a vulnerability has been exploited, nor do they have any evidence of any vulnerabilities being exploited, the company has taken measures to protect their devices from possible attack. Devices that are affected by the flaws reportedly lack necessary security features to protect them from potential exploitation and may be vulnerable to unauthorized access.
21,510 Illumina sequencers are currently in use in cancer research labs around the world, according to company CEO Francis deSouza. The company is expecting that its installed base will reach more than 30,000 sequencers by the end of 2020. This represents a significant increase from the 22,000 sequencers that are currently in use.
The discovery of this vulnerability underscores the need for organizations to continue monitoring their software for potential vulnerabilities and exposures. By doing so, organizations can reduce the risk of exposure to cyber threats and ensure that their systems are as secure as possible.
The vulnerability, which was discovered by a Tesla researcher, allows malicious actors to takeover control of an instrument’s computer system. The company shifted its focus to developing mitigations for the issue and worked closely with regulators in order to ensure customers were not impacted. Tesla released a software update that required little or no downtime for most instruments.
Medical devices are becoming increasingly reliant on electronic systems, making them prime targets for hackers. In March, the FDA announced that it will require medical device makers to meet specific cybersecurity requirements when submitting an application for a new product. Device makers will have to submit a plan explaining how they plan to track and address vulnerabilities, and include a software bill of materials detailing every component in a device. This action is likely meant to protect patients’ health data from being stolen by hackers.