Hospitals Still Use Pneumatic Tubes--and They Can Be Hacked

It's all too common to find hackable flaws in medical devices, from mammography machines and CT scanners to pacemakers and insulin pumps. But it turns out that the potential exposure extends into the walls: Researchers have found almost a dozen vulnerabilities in a popular brand of pneumatic tube delivery system that many hospitals use to to carry and distribute vital cargo like lab samples and medicine. Pneumatic tubes may seem like wonky and antiquated office tech, more suited to The Hudsucker Proxy than a modern-day health care system. Swisslog Healthcare, a prominent medical-focused pneumatic tube system maker, says that more than 2,300 hospitals in North America use its "TransLogic PTS" platform, as do 700 more elsewhere in the world. The nine vulnerabilities that researchers from the embedded device security company Armis found in Swisslog's Translogic Nexus Control Panels, though, could let a hacker take over a system, take it offline, access data, reroute deliveries, or otherwise sabotage the pneumatic network.