With the proliferation of wireless networks, mobile devices and medical
devices are increasingly being equipped with wireless interfaces, such as
Bluetooth and WiFi to allow easy access to and control of the medical devices.
Unfortunately, the very presence and usage of such interfaces also expose the
medical devices to novel attacks from malicious parties. The emerging threat
from malicious mobile devices is significant and severe, since attackers can
steal confidential data from a patient's medical device. Also, attackers can
compromise the medical device and either feed doctors bad data from it or issue
potentially fatal commands to the device, which may even result in the death of
the patient. As the mobile devices are often at close proximity to the patient
(either in the hospital or home settings), attacks from such devices are hard
to prevent. In this paper, we present a systematic analysis of this new threat
from mobile devices on medical devices and healthcare infrastructure. We also
perform a thorough security analysis of a major hospital and uncover potential
vulnerabilities. Finally, we propose a set of potential solutions and defenses
against such attacks.