Two major hospitals in the United States are trialling a new system for detecting malware on medical devices, using probes that monitor AC power consumption to detect infections, reports The Register.
The two unnamed hospitals will be the first to trial the monitoring tool dubbed WattsUpDoc, scanning critical medical equipment for potentially life-threatening malware. The platform is said to detect malware with the accuracy of desktop security solutions, but – crucially – does not require the modification of system hardware or software.
WattsUpDoc was developed by researchers Benjamin Ransford and Denis Foo Kune, who first unveiled the platform in a 2013 paper, going on to form the commercial outfit Virta Labs.
“What you may be able to determine through AC power consumption are things like the computer that is plugged into an outlet, or more interestingly what is that computer doing?… We are thinking about those machines that are really hard to patch, really hard to upgrade, and really hard to get inside.” explained Benjamin Ransford at the RSA Conference. “We turned side-channel analysis on it’s head … traditionally it is used to disclose secrets but in this case we want to spy on malware instead of people.”
As noted by Security Affairs, tests of WattsUpDoc found that the platform detected at least 94% of known malware and 85% of unknown malware, roughly the same as a PC-based security solutions. However, the challenges of monitoring malware over AC can include the varied power consumption of modern computers and difficulties associated with the monitoring of multiple machines through a centralized system.
A BETA version of WattsUpDoc will be trialled in the two hospitals during 2015's second quarter. Meanwhile, Ransford and Kune's presentation slides from RSA are available to read online.
