WannaCry wreaked havoc on the UK NHS Possibly Because of BroadPwn Vulnerable Raspberry Pi Computers
Reporter Rebecca McBeth wrote a story last year about the UK’s NHS adoption of the Raspberry Pi MediPi open source platform in an effort to bring down the cost of providing care in UK hospitals. According to the story, the Raspberry Pi computers were purchased off the shelf and deployed in hospitals. https://www.digitalhealth.net/2016/04/medipi-open-source-telehealth-kit-piloted-in-nhs/
“The hardware, which includes a blood pressure cuff, a finger oximeter and some diagnostic scales, comes in at £250 along with the Raspberry Pi and screen. The devices were bought off-the-shelf and are connected via USB”, the story reported.
Given what we know today about the BroadPwn vulnerability impacting unpatched Raspberry Pi computers, these devices very well could have served as a bridge allowing infected BroadPwn’d devices outside the hospital to penetrate the hospital’s firewall by directly connecting via WiFi to the vulnerable Broadcom chips. Once infected, those Raspberry Pi computers, presumably connected to the UK Hospital networks behind the firewall could have acted like fuel in helping the WannaCry malware quickly spread to hospital systems via the SMB Double Pulsar port 445 exploit.
I obviously don’t know for a fact that this happened, but the vulnerabilities and potential for those attacks to have happened in the way I describe here is very real.
I wonder if our hospital systems in the US use the same Raspberry Pi platform to deliver care to patients?
What I know is this, if I were a heart patient using a Raspberry Pi, I would want it patched today and would not wait to have it compromised by a drive by hacker using WiFi to attack my pacemaker! Maybe buying computers at retail stores for life critical functions isn’t such a smart idea…