May 17, 2020

Stryker's acquisition takes back the issue of patient safety in surgery

Admin
3 min
Stryker’s acquisition takes back the issue of patient safety in surgery.jpg
Written by Alyssa Clark The recent announcement by Stryker Corporation stated that they are set to acquire Patient Safety Technologies, Inc., thus tak...

Written by Alyssa Clark

 

The recent announcement by Stryker Corporation stated that they are set to acquire Patient Safety Technologies, Inc., thus taking back responsibility for patient health during and after surgical procedures. Patient Safety Technologies’ focus is its product Surgicount, bar coding technology that calculates and reduces the number of sponges left in the body after surgery. The deal on the table, and still to be finalized, is a price of $2.22 per common share, with a total deal value estimated at $120 million including estimated fees and expenses.

Problems hospitals face after surgery lie solely in the surgical error that occurs on what seems to be a daily basis— sponges, reactors and/or other implements and tools can be left in the body post-surgery. The results of these hospital mishaps can result in patient infection, excruciating pain and death, thus public recognition of this problem is long-overdue. The need for hospitals, and those who are employed by the hospitals, to re-emphasize patient safety is at an all time high. It is from big-market moves by companies like Stryker and others that will bring the public attention that this epidemic needs and hopefully can help to illicit some kind of change in the near future.

This bar coding scanning technology can be revolutionary in preventing unnecessary patient hospitalizations, infections, repeat surgeries and expensive antibiotics. Costing an estimated $10 per surgery, this bar code scanning technology could easily locate any forgotten surgical objects (sponges, chips, tools) and alert the surgeons or assistants that there is an outstanding object in the patient. With 85 percent of hospitals already investing in different types of robotics to improve efficiency, shouldn’t patient safety be up there with the most worthy of investments?

Leah Binder of Forbes writes, “It’s easy to assail hospital executives for their cheapness. They deserve that. But the fact is, in the past at least patient safety had no business model; keeping patients safe doesn’t appear to pay off financially as hospitals cope with uncertainty and rapidly shifting policies under Obamacare.”

“But outside of Washington, the market won’t accept that business model, and Stryker’s move is a major sign.”

In a market like healthcare’s, it is not so much a demand but an inherent need to stay ahead of public opinion and land in its good graces. In a marketplace drive by the consumer and patient needs, Stryker and others who are choosing to invest on behalf of the patient are going to go a lot further than those looking for short-term fixes. With the transitional state of modern healthcare post-Obamacare and the ACA, the emphasis on the individual is arguably lost. Healthcare companies, large hospitals and pharma companies need to regain the trust of the individual and invest in patient safety.

Share article

Jun 17, 2021

Peloton vulnerable to cyber attacks, McAfee research finds

cyberattack
fitness
Cybersecurity
verification
2 min
​​​​​​​Software security experts McAfee discovered exercise bikes by Peloton are vulnerable to cyber attacks, which the company have since resolved 

Peloton, the popular exercise bikes, were found to be vulnerable to cyber attacks in the latest research from McAfee. 

Peloton is a brand of electric bikes that combines high end exercise equipment with cutting-edge technology. Its products use wi fi to connect to a large tablet that interfaces with the components of the exercise device, and provides an easy way for physical activity enthusiasts to attend virtual workout classes over the internet several times a week.

Peloton has garnered attention recently around the privacy and security of its products. So McAfee decided to take a look for themselves and purchased a Peloton Bike+.

The problem

Researchers looked at the Android devices and uncovered a vulnerability  that could allow an attacker with either physical access to the Bike+ or access during any point in the supply chain to gain to hack into the bike’s tablet, including the camera, microphone and personal data. 

For the person using it there would be no indication the Bike+ has been tampered with, potentially putting Peloton’s 16.7 million users at risk.  

The flaw was found in the Android Verified Boot (AVB) process. McAfee researchers were able to bypass the Android Verified Boot process, which normally verifies all code and data before booting. They were then able to get the device to boot bypassing this step. 

This could potentially lead to the Android OS being compromised by an attacker who is physically present. Even worse, the attacker could boot up the Peloton with a modified credential to gain privileges, granting them access to the bike remotely. 

As the attacker never has to unlock the device to boot it up, there would be no trace of their access on the device. This type of attack could also happen at any point from construction to warehouse to delivery, by installing a backdoor into the Android tablet without the user ever knowing. 

The solution

Given the simplicity and criticality of the flaw, McAfee informed Peloton while auditing was ongoing. The vendor was sent full details,  and shortly after, Peloton confirmed the issue and released a fix for it. 

Further conversations between McAfee and  Peloton confirmed that this vulnerability had also been present on the Peloton Tread exercise equipment. 

Peloton’s Head of Global Information Security Adrian Stone, commented on the research: “This vulnerability reported by McAfee would require direct, physical access to a Peloton Bike+ or Tread. Like with any connected device in the home, if an attacker is able to gain physical access to it, additional physical controls and safeguards become increasingly important.

"To keep our members safe, we acted quickly and in coordination with McAfee. We pushed a mandatory update in early June and every device with the update installed is protected from this issue.”

Share article