For the latest news and information about the coronavirus pandemic, please visit the WHO website.
We will soon understand how medical staff suffer from a lack of protective equipment, a shortage of life and death ventilators, and.
Hospital staff from San Diego to Los Angeles discussed these issues internally on the pager network. But security researcher Troy Brown said in a speech at Defcon’s IoT Village that these news are not kept secret. Brown was able to see all of this, including personal details about the patient, such as the patient’s name and their COVID-19 status, and how often patients were transferred from the coronavirus room to the morgue.
Brown said that sensitive details were sent to the hospital’s pager without encryption, which allowed him to eavesdrop on private conversations from March to August.
Brown said: “Those unencrypted pager messages contain a lot of COVID information.” “It’s shocking to know that a long distance was broadcast in plain text.”
Brown pointed out that hospitals should do better in protecting wireless communications.
Hospitals with insecure messaging protocols are not new. Researchers have been warning about this problem for decades. For example, a news report in October 2019 focused on a researcher in London who discovered that a pager used by the country’s National Health Service leaked medical data during emergency calls.
Brown said that pagers can be encrypted, but about 80% of hospitals are still using insecure equipment. He can use software radio worth $20 to listen to the radio on a radio tower near his home, which can broadcast messages up to 70 miles away.
Once the eavesdropping started, Brown saw a lot of information about COVID-19 from the hospital, including the types of requests made by patients. These details give people an idea of how people view the coronavirus outbreak and how people’s perceptions change as the situation worsens.
Brown said: “Many people were tested positive and asymptomatic, and asked the doctor when they could return to work.”
He saw sensitive information, including the patient’s name, gender, age, diagnosis, COVID-19 status, the treatment they are receiving and the status of the hospital’s PPE supply and the inventory of beds and ventilators.
Brown can also see when people die of infectious diseases.
The wireless engineer said: “There is a specific floor in the hospital for storing COVID patients.” “A lot of morgue transfers do come from there.”
As the pandemic worsens, COVID-19 has changed from a new issue to a dark cloud in every message.
Initially, these messages included notes about fever or shortness of breath or other symptoms related to the disease. By April, even if the patient’s health issues are not related to the disease, by default, every email has questions about COVID-19 added.
Brown said: “If they are on a call, for example, a car wreck occurs, they will add COVID at the end of the status.”
The security researcher said his intention was not to convene a specific hospital. On the contrary, he wants to emphasize the problem that hospitals use unencrypted systems and inadvertently violate patient privacy.
During a pandemic, the privacy of healthcare is of the utmost importance because patients need to trust that the hospital will ensure the security of their information when conducting tests or providing data for contact tracking. Therefore, lawmakers are calling for privacy protection against the coronavirus, and Brown’s research shows that hospitals are still leaking information in a very simple way.
Brown said: “Anyone can listen to these towers and see all these news.” “There needs to be a national conversation.”