Connect with us


Security Risks in Medical IoT Devices – MEDJACK Malware Review



Devices on the Internet of Things are a weak point in many networks. Too often, they have outdated operating systems and poor security protection. IT administrators can’t get at their internals. Deploying insecure devices in healthcare systems can produce especially damaging consequences.

Health-related data is a prime target, and the legal penalties for failing to protect personal health information are severe. An infected device may not function properly, putting patients’ health and even lives at risk.

Current risks of medical IoT devices:

    • With the number of IoT devices growing from millions to 100s of millions centralized processes cannot scale​
    • Current processes are vulnerable to variety of threats.

Attacks on devices through MEDJACK

The MEDJACK attack provides a case in point. It’s a set of malware tools that target medical devices. MEDJACK takes advantage of weaknesses in older operating systems which are embedded in devices. They include Windows XP, 2000, and Server 2003, as well as some Linux distributions. It has gone through several revisions, each time devising new ways to bypass defenses.

It follows the “command and control” model, where it installs malware in a device which then sends data to a server that belongs to the attacker. The aim is to exfiltrate confidential data on the patient or the provider. Such data has high resale value. The devices serve as a pivot point from which the malware can reach other systems on the network.

The difficulties in defending against MEDJACK

Several factors make it difficult to detect and defend against these attacks. The devices are usually black boxes to the IT department. There often is no way to connect a console to them. Installing anti-malware software is difficult. Even if there is a way to do it, it may be inadvisable, since it would modify the behavior of an FDA-certified device. If a desktop computer stops running properly because of security software, it’s a nuisance that can be fixed. If a lifesaving device has the same problem, the consequences could be much worse.

As a result, the IT department is dependent on the manufacturer to issue security patches. Some manufacturers are slow at this. Some are reluctant to update certified devices, even though the FDA has issued guidelines stating that security patches don’t require re-certification of the device.

TrapX report – a case of malicious penetration

TrapX’s report, “Anatomy of an Attack,” describes three breaches that resulted from MEDJACK. They are similar in many ways, and a detailed look at the first will be informative.

A hospital, not named in the study, experienced several security alerts. The point of penetration was three blood gas analyzers, which had been breached in separate attacks. They had set up backdoors in the local network and were sending hospital data to a server in Europe. The amount of data stolen is uncertain, but there clearly was a breach.

After gaining a foothold in the devices, the attack used malware such as Zeus and Citadel to find passwords to other systems. The devices stored their data without encryption, simplifying the acquisition of confidential information.

Blood gas analyzers are used for critical treatment. They can’t simply be pulled out of service. Remedying the malware problem, even when it is known, is a difficult task.

The hospital had respectable network security. It had a firewall, heuristic intrusion detection, endpoint security, and antivirus software. These were insufficient to prevent intrusion because the devices had antiquated operating systems and because it was impossible to install security software on them.

TrapX concluded that the attackers could have not only stolen data but modified internal data. While the report doesn’t indicate that malicious modifications occurred, a similar attack could make devices produce false data on patients. That could lead to deadly errors in treatment.

Benefits of blockchain integration

Manufacturers using enabled blockchains can construct authorization/authentication databases. The QBRICS enterprise platform presents a unique example of an integrated blockchain solution. QBRICS proposes that authorization/authentication databases be propagated to read-only permission blockchain databases downstream using proprietary transmission protocols​. A plugin provided by the blockchain platform on IoT devices would then authenticate using the most proximate database. Fully deployed, relevant data from inventory, operational analytics (usage), marketing perspective would be readily accessible for consumption by business intelligence tools.The complete solution would provide:

    • No rogue devices (stolen devices, unauthorized vendors etc)​
    • Near-universal availability of device information (including software and hardware)​
    • Device movement and location information​
    • Device usage information ​
    • Device software upgrades easier (as targets easily identified, maintenance becomes easier)​


As this case shows, IoT-based attacks are difficult to prevent and detect. Several actions, however, can reduce the risk:

  • Take security features into account when selecting devices, when information on them is available.
  • Keep IoT devices on a separate subnetwork which doesn’t have access to critical information.
  • Use firewalls to strictly limit inbound and outbound access to IoT devices.
  • Run frequent security scans for any signs of infection.
  • Doing without the devices is rarely an option. The only alternative is to give extra attention to their security.

Subscribe to stay up to date with the latest blockchain innovation in healthcare .


Subscribe to receive blockchain analysis of cyber security threats in healthcare. e



Bitcoin investing interest up 19% compared to 2019, Grayscale report says



Crypto investing firm Grayscale recently released its 2020 Bitcoin Investor Study. The report used data from a survey which digitally polled a sizable number of individuals in the U.S. between June and July. Grayscale found the majority of the surveyed people were keen on buying Bitcoin (BTC).

“In 2020, more than half (55%) of survey respondents expressed interest in Bitcoin investment products,” Grayscale wrote in its October 2020 report. “This marks a significant increase from the 36% of investors who said they were interested in 2019.”

The numbers in Grayscale’s report come from data compiled by research company 8 Acre Perspective. The firm asked 1,000 U.S. persons about their Bitcoin investment interest, or lack thereof. The digitally polled group ranged from age 25 to 64, with minimum household earnings of $50,000 and a minimum of $10,000 of capital at their exposure for investment.

Similarly, Grayscale’s 2019 report used data from 1,100 Americans, polled in March and April 2019 under the same monetary and age parameters. 

“Among those who reported investing in Bitcoin, 83% have made investments within the last year, indicating that digital currencies are an increasingly attractive component of modern investment portfolios,” Grayscale’s 2020 report detailed. 

The report’s findings show Bitcoin’s popularity has increased in the U.S. “Based on this year’s survey, the market of potential Bitcoin investors is 32 million strong — compared to 21 million investors just one year ago,” the report explained.

“This year, 62% of investors reported that they are ‘familiar’ with Bitcoin, compared to 53% in 2019. In addition, nearly half of those surveyed predicted that digital currencies will be regarded as mainstream by the end of the current decade.”

The report also noted that parties interested in BTC were similar to mainstream market participants, although those keen on Bitcoin purchases run about seven years younger, on average. 

Additionally, the report pointed out a correlation between interest in Bitcoin and the COVID-19 pandemic. 


Continue Reading


Despite Minor Sell-Offs, Bitcoin [BTC] Inches Closer to $14K, What’s Next?




Bitcoin has been riding quite high of late. Despite a rather dull performance by Ethereum and the rest of the altcoin market, Bitcoin has shown clear bullish signs and was currently up by 12.39% over the last week. It was being traded at $13,588, at the time of writing which marked a new 16-month high for the world’s largest cryptocurrency.



A crucial level of resistance for Bitcoin now stood at $14,000, a level that was last seen in the second week of January 2018. If it manages to break this mark, BTC could soar higher and target its ATH level close to $20,000. However, if this coveted level is breached, it could potentially hit $65,000-$80,000 by mid-2021. This bold price prediction was made by one of the most interesting and popular strategist, who goes by the name ‘Magic Poop Cannon’.

One of the most prominent reasons for Bitcoin’s immense success was the massive institutional foray. MicroStrategy, for one, happens to be one of the largest publicly traded business intelligence firms in the world. The company made a series of huge purchases in Bitcoin in August and September this year. With the latest gains, MicroStrategy was currently sitting on more than $89,000,000 in profit from its BTC investments.

Michael Saylor, the Chief Executive of MicroStrategy had earlier asserted that Bitcoin was a better store-of-value asset class than fiat currencies. This comment was made in the backdrop of the company purchasing 21,454 Bitcoins at an aggregate purchase price of $250 million. Noting the growing pandemic-triggered havoc and the global economy taking a plunge, Saylor had earlier stated,

“Since its inception over a decade ago, Bitcoin has emerged as a significant addition to the global financial system, with characteristics that are useful to both individuals and institutions. MicroStrategy has recognized Bitcoin as a legitimate investment asset that can be superior to cash and accordingly has made Bitcoin the principal holding in its treasury reserve strategy”

Is A Setback Ahead?

Source: Twitter, Jameson Lopp

Despite the surging price, there is one setback. Bitcoin’s hash rate which saw a drop of 45% over the past three days. This could be attributed to the end of the rainy season in China’s Sichuan province. Here, the Bitcoin miners seasonally migrate to obtain the benefits of cheap hydro-electric power primarily because rains cause an increase in water levels which, in turn, profits BTC miners’. However, the end of the rainy season essentially meant that the miners are likely to leave.



Having said that, other on-chain data of Bitcoin appeared optimistic with no signs of investor trepidation. This was further validated by the increasing number of Bitcoin whale addresses as unrealized profits recently touched its yearly highs.

To keep track of DeFi updates in real time, check out our DeFi news feed Here.

Author: Ketaki Dixit

Experienced writer and editor with a demonstrated history of working in the industry. Skilled in Copywriting, Web Content Writing, Copy Editing, Writing, Cryptocurrency News Writing, and News Editing.


Continue Reading


Bitcoin Whale Wallets With 1000+ BTC Or More Spike To Highest Levels In History



Bitcoin price is only a mere few hundred dollars away from setting a higher high and confirming a new bull market. Coinciding with what appears to be a breakout ready to happen, whale-sized wallets holding more than 1000 BTC have surged to the highest level in the asset’s history.

Is this it – is the next cryptocurrency bull market based on Bitcoin’s block reward halving as the stock-to-flow model predicts, finally here?

Big Buyers Prepare For Crypto Bull Run By Accumulating Bitcoin

Bitcoin has been bullish all throughout 2020, even becoming the best performing mainstream asset beating out gold, stocks, and more. The leading cryptocurrency by market cap started off the year bullish, leading into the block reward halving in May.

But before the day arrived, the pandemic struck and the stock market selloff on Black Thursday caused Bitcoin’s uptrend to collapse.

The cryptocurrency and stocks have been on a tear since, with Bitcoin only recently decoupling due to network effect and adoption metrics rising.

bitcoin btc whale

Whale wallets over 1000 BTC grow to historic levels | Source: Glassnode, via Arcane Research

For example, non-zero BTC wallets and active wallets have recently reached new highs, and now, even whale-sized wallets holding 1000 BTC or more have spiked to the highest levels ever.

Related Reading | Bitcoin Could Be Just One Week Away From A New Monthly All-Time High Close

But what exactly is behind the sudden surge?

Whale-Sized Wallets With 1000 BTC Or More Reach New Highs, Is Price Next?

According to data, BTC addresses with a balance of 1000 BTC or more have grown to the highest level ever. These whales hold enough Bitcoin, that if the cryptocurrency ever reaches prices of $1 million per BTC as predictions reach, they’d have $100 million USD worth of the cryptocurrency.

Related Reading | Paul Tudor Jones: Bitcoin Is In First Inning, Like Investing In Apple Or Google Early

And that could be precisely the reason for the number increasing. With the expectation that Bitcoin’s valuation could rise to such levels, whales are preparing for the long haul. At current prices, that sized wallet worth of BTC would be valued at over $13 million today.

bitcoin whale btc wallet higher high

Bitcoin closes in on setting a higher high for the first time since 2017 | Source: BTCUSD on

Another theory for the increase in 1000+ BTC wallets could be more corporations following suit suddenly, and buying BTC on OTC markets to hedge against inflation and the dying buying power of the dollar.

The pandemic and resulting stimulus money has wreaked havoc on the monetary supply and caused a rapid imbalance further against the scarce supply of just 21 million BTC.

Currently,  just 23 companies alone hold over 786,000 BTC or more than 3% of the total supply. The more 1000 BTC whale-sized wallets there are, the even less Bitcoin there will be to go around for small fish investors.

Featured image from Deposit Photos, Chart from, Arcane Research, and Glassnode


Continue Reading