At the time Erven’s team conducted their research, they didn’t know how many vulnerable medical devices were directly connected to the internet as opposed to simply being connected to internal networks accessible via the internet.
Erven and Merdinger set out to scan the internet to answer this question. They scanned for any systems using port 445—the port the SMB protocol uses to transmit data—and filtered for hospitals and other health care organizations while using keywords like “anesthesia” and “defibrillator.” Within half an hour, they discovered a health care organization that was leaking information on 68,000 systems. The organization, which Erven would not identify, has more than 12,000 employees, 3,000 physicians and large cardiovascular and neuroscience institutions associated with it.
