• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Advertise
  • Subscribe

Drug Delivery Business

  • Clinical Trials
  • Research & Development
  • Drug-Device Combinations
  • FDA
  • Pharmaceuticals
  • Policy

DHS warns on cyber vulnerability with BD’s Pyxis drug-dispensing devices

May 1, 2018 By Sarah Faulkner

Becton DickinsonAn array of medication-management systems from Becton Dickinson (NYSE: BDX) are vulnerable to the industry-wide KRACK key-reinstallation cyber attack, according to the company and to the Dept. of Homeland Security.

The glitch, which was first reported last year, is a vulnerability in the WPA2 protocol for securing Wi-Fi that can imperil the confidentiality and integrity of communication between a Wi-Fi access point and an enabled client, such as a computer, phone or other gear – even if the data is encrypted.

If a hacker successfully exploited this vulnerability, they could gain access to encrypted data like patient records, according to a notice from the DHS’ Industrial Control Systems Cyber Emergency Response Team.

“An industry-wide vulnerability exists in the WPA and WPA2 protocol affected by the Key Reinstallation Attacks known as KRACK. The four-way hand shake traffic in the Wi-Fi Protected Access WPA and WPA2 protocol can be manipulated to allow nonce reuse resulting in key reinstallation. This could allow an attacker to execute a ‘man-in-the-middle’ attack, enabling the attacker within radio range to replay, decrypt, or spoof frames,” the ICS-CERT wrote.

BD noted that accessing devices through the KRACK vulnerability is highly complex and requires physical proximity to an affected Wi-Fi access point and client.

The company has implemented third-party vendor patches in an attempt to resolve the devices’ vulnerabilities, but customers should ensure that data has been backed up and that appropriate physical controls are in place to stop attackers from coming within range of an affected Wi-Fi access point, BD recommended.

“There is currently no reported verified instance of the KRACK vulnerability being exploited maliciously against BD devices,” the company added.

Want to stay on top of DDBN content? Sign up for our e-mail newsletter for a weekly dose of drug-device news.

Filed Under: Drug-Device Combinations, Featured, Pharmaceuticals, Technology, Wall Street Beat Tagged With: Becton Dickinson

IN CASE YOU MISSED IT

  • Medtronic to separate Diabetes business unit
  • Tandem Diabetes Care wins CE mark for Mobi insulin pump with Control-IQ+ technology
  • Glooko adds chief strategy officer to chief medical officer’s title
  • Cordis launches 10,000-patient registry for drug-eluting balloon
  • Senseonics opens $50M public offering, $25M private placement with Abbott

Primary Sidebar

“ddb
EXPAND YOUR KNOWLEDGE AND STAY CONNECTED
Get the latest news and trends happening now in drug delivery.

MEDTECH 100 INDEX

Medtech 100 logo
Market Summary > Current Price
The MedTech 100 is a financial index calculated using the BIG100 companies covered in Medical Design and Outsourcing.

Footer

Drug Delivery Business News Logo

MassDevice Medical NETWORK

MassDevice
DeviceTalks
Medical Tubing + Extrusion
Medical Design & Outsourcing
MedTech100 Index
Drug Discovery & Development
Pharmaceutical Processing World
Medical Design Sourcing
R&D World

DRUG DELIVERY BUSINESS NEWS

Subscribe to Drug Delivery’s E-Newsletter
Advertise with us
About
Contact us
Privacy
Listen to our Weekly Podcasts

Copyright © 2025 · WTWH Media LLC and its licensors. All rights reserved.
The material on this site may not be reproduced, distributed, transmitted, cached or otherwise used, except with the prior written permission of WTWH Media.

Privacy Policy | RSS