- The Food and Drug Administration (FDA) has issued an alert to warn hospital systems about serious security vulnerabilities in Hospira Symbiq infusion systems.
- The security issues make it possible for hackers to remotely change a patient's dosage.
- Researcher Billy Rios discovered the flaws in a number of Hospiral infusion systems, including Plum A+, Lifecare PCA and Symbiq products.
Although Hospira is working to address the problem, the Symbiq infusion systems have been pulled from the market. Hospira is working with those who are currently using the systems to help them swith to alternative products. It's also provided a software update to minimize vulnerabilities during the changeover.
Hospira retired the Symbic systems at the end of May and they're expected to be removed from the market by the end of the year.
The FDA alert is intended to warn users about the risks and encourage them to stop using the systems. “The FDA is alerting users of the Hospira Symbiq Infusion System to cybersecurity vulnerabilities with this infusion pump," the FDA said in its alert. "We strongly encourage that health care facilities transition to alternative infusion systems, and discontinue use of these pumps."