Hospitals are full of critical technologically advanced equipment that's necessary for keeping people alive. So you'd hope that they would be safe from simple attacks or sabotage. Unfortunately, a worrying report indicates that they aren't.
Most recently, security researchers found Hospira's PCA3 Drug Infusion Pump has serious security problems. Anyone with access to a Hospira unit can use the built-in Ethernet port to pull the Wi-Fi information and take control. But it gets worse.
Drug pumps and other critical equipment is kept on a separate "Life Critical Network" to keep hackers out. Unfortunately, getting the Wi-Fi information from a PCA3 lets a hacker on to that network. And from there, they can take control of all the units in the hospital.
This lets the hacker mess around with drug settings, dosages, or crash the units entirely. That could injure or even kill someone.
According to the Department of Homeland Security, Hospira is now working on fixing the PCA3, but there are multiple weakness that need to be resolved. So it could take a while to find and squash them all.
This is just another example of companies making dedicated hardware without completely thinking through the security angle. Unfortunately, it leaves you and me in the crosshairs.