Medical equipment interrupted by AV

Next story

Antivirus software can keep you safe, but when it’s improperly configured it could cause serious damage to not only your system but your patients.

That’s exactly what happened in what should have been a routine cardiac catheterization procedure: antivirus installed on a hemo monitor pc decided to run its hourly scan in the middle of the procedure, making vital data inaccessible.

The full report can be found here but to summarise, it seems as though the anti-malware software in question was set to run hourly scans but not set to ignore that scanning if the device was being used for a surgery.

This caused the hemo monitor screen to go black and cease displaying its vital data and this, as the report puts it, could cause “a delay in care that results in harm to the patient.”


Configuration and integration


Thankfully no one was hurt due to the interruption but who is to blame? Although the anti-malware software caused the problem it was avoidable given correct configuration as Mark James, ESET IT Security Specialist, explains.

“Security is not only about installing all the latest software or ensuring the operating system and applications are up to date and patched, these days you need to configure most applications for correct integration into your environment.

“Anti-virus software is no different: it might be as simple as excluding areas from real time scanning or turning on or off certain features but more often than not something will need to be tweaked or configured in your environment.

“If you don’t then sooner or later an unexpected event may cause adverse or even potentially critical problems: making sure that everything plays nice is a key part of a complete security solution.”

Mark also explains that it’s key to test your environment to make sure that everything works together in a safe controlled environment.

“Understanding what the device will be used for and making sure that no installed product will have adverse effects on other running software is especially important with antivirus products because of the level of integration that happens.

“If the wrong areas are being scanned and files are being locked when the key software wants explicit access to those files then often the only scenario is blue screens, data corruption or even reboots.”

Has anti-malware software ever interrupted your computer use?

Join the ESET UK LinkedIn Group and stay up to date with the blog. If you’re interested in seeing where ESET has been featured in the news then check out our ‘In the news’ section.