BlackBerry announces cyber threat to operating system for medical devices

Aug 18, 2021 - 11:07 AM
Cybersecurity Lock on Gold Wall

BlackBerry yesterday announced a set of cyber vulnerabilities in its QNX Real Time Operating System for medical devices and other products, which a remote attacker could exploit to cause a denial-of-service condition or execute arbitrary code on affected devices. It said there are no known workarounds for the vulnerability. The U.S. Cybersecurity and Infrastructure Security Agency recommends applying patches as soon as they are available from BlackBerry. 

“Because many affected devices include safety-critical devices, exploitation of this vulnerability could result in a malicious actor gaining control of sensitive systems, possibly leading to increased risk of damage to infrastructure or critical functions,” CISA said.

John Riggi, AHA senior advisor for cybersecurity and risk, said, “This cyber vulnerability is significant since it is present in medical devices and may, if successfully exploited, preclude availability or cause malfunction of the device, or pose a risk to patient care. If at all possible, it is recommended that affected devices be disconnected from internal networks and the internet until a patch becomes available.”

For more on this or other cyber and risk issues, contact Riggi at jriggi@aha.org
 

Related News Articles

Headline
Agencies issue advisory on updated tactics by Play ransomware group
The FBI, Cybersecurity and Infrastructure Security Agency and Australian Cyber Security Centre June 4 released an advisory on updated actions and tactics used…
Headline
Agencies release guidance on AI data security 
The National Security Agency, Cybersecurity and Infrastructure Security Agency and international partners May 22 released guidance on securing data used for…
Headline
Russian state-sponsored cyber actors targeting tech companies, others 
The FBI, along with the National Security Agency and other international cybersecurity agencies, this week released a joint agency advisory on cyber operations…
Headline
FBI warns of cyber actors exploiting end-of-life routers
The FBI's Internet Crime Complaint Center released an alert May 7 warning of cyber actors exploiting vulnerabilities in end-of-life routers. Routers dated 2010…
Headline
FBI warns of malicious text, voice-messaging campaign impersonating senior U.S. officials
The FBI’s Internet Criminal Complaint Center May 15 released an alert warning of a malicious text and voice messaging campaign involving impersonators…
Headline
AHA blog — 3 Must-know Cyber and Risk Realities: What’s Ahead for Health Care in 2025 
In his latest AHA Cyber Intel blog, John Riggi, AHA national advisor for cybersecurity and risk, examines the state of cyber and physical threats in 2025 as…