boutons_deux
08-25-2016, 07:38 PM
Hackers Could Make a Killing After Finding Vulnerability in Medical Device Tech (http://gizmodo.com/hackers-could-make-a-killing-after-finding-vulnerabilit-1785761993)
A kind of batshit insane and unprecedented thing has just happened in the world of ethical hacking.
After finding serious security vulnerabilities in St. Jude Medical’s pacemakers and defibrillators, cybersecurity and research company MedSec decided to take that information to a short-seller (Carson Block of the investment firm Muddy Waters) which then bet against the company in the stock market. This was instead of disclosing the vulnerability, in theory something that could endanger lives, to the manufacturer St. Jude.
As Bloomberg explains (http://www.bloomberg.com/news/articles/2016-08-25/in-an-unorthodox-move-hacking-firm-teams-up-with-short-sellers):
MedSec suggested an unprecedented partnership:
The hackers would provide data proving the medical devices were life-threatening, with Block taking a short position against St. Jude.
The hackers’ fee for the information increases as the price of St. Jude’s shares fall, meaning both Muddy Waters and MedSec stand to profit.
If the bet doesn’t work, and the shares don’t fall, MedSec could lose money, taking into account their upfront costs, including research.
St. Jude’s stock closed down nearly 4 percent on Thursday. Abbot Laboratories made a $25 billion bid for St. Jude back in April. Thanks to these vulnerabilities, that deal could be in peril, according to Bloomberg.
MedSec’s CEO Justine Bone says that her company didn’t disclose to St. Jude because it was unconvinced the medical device maker would actually fix the problem.
Rather than have the problem ignored (and potentially put patient’s lives at risk), MedSec decided to not just shame St. Jude, but make it pay.
http://gizmodo.com/hackers-could-make-a-killing-after-finding-vulnerabilit-1785761993?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+gizmodo%2Ffull+%28Gizmodo%29
A kind of batshit insane and unprecedented thing has just happened in the world of ethical hacking.
After finding serious security vulnerabilities in St. Jude Medical’s pacemakers and defibrillators, cybersecurity and research company MedSec decided to take that information to a short-seller (Carson Block of the investment firm Muddy Waters) which then bet against the company in the stock market. This was instead of disclosing the vulnerability, in theory something that could endanger lives, to the manufacturer St. Jude.
As Bloomberg explains (http://www.bloomberg.com/news/articles/2016-08-25/in-an-unorthodox-move-hacking-firm-teams-up-with-short-sellers):
MedSec suggested an unprecedented partnership:
The hackers would provide data proving the medical devices were life-threatening, with Block taking a short position against St. Jude.
The hackers’ fee for the information increases as the price of St. Jude’s shares fall, meaning both Muddy Waters and MedSec stand to profit.
If the bet doesn’t work, and the shares don’t fall, MedSec could lose money, taking into account their upfront costs, including research.
St. Jude’s stock closed down nearly 4 percent on Thursday. Abbot Laboratories made a $25 billion bid for St. Jude back in April. Thanks to these vulnerabilities, that deal could be in peril, according to Bloomberg.
MedSec’s CEO Justine Bone says that her company didn’t disclose to St. Jude because it was unconvinced the medical device maker would actually fix the problem.
Rather than have the problem ignored (and potentially put patient’s lives at risk), MedSec decided to not just shame St. Jude, but make it pay.
http://gizmodo.com/hackers-could-make-a-killing-after-finding-vulnerabilit-1785761993?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+gizmodo%2Ffull+%28Gizmodo%29