Those vulnerabilities, the FDA said, could allow bad actors to remotely take control of the devices in order to generate false alarms or silence real ones. An attacker could, for instance, stop the system from notifying providers about a patient's cardiac status, putting their life in danger. Thankfully, the FDA has yet to receive reports of patient harm or device malfunction involving GE's central stations. The company has taken steps to prevent them all the same, advising customers to separate the equipment from wider hospital network and instructing them on where they can get a patch when it becomes available.

The FDA has been keeping a close eye on medical equipment cybersecurity measures and issues over the past years. It issued a final guidance instructing manufacturers to boost pacemakers' and insulin pumps' protections against cyberattacks in 2016. The agency also previously issued a warning about certain pacemakers that are vulnerable to hacking and even recalled half a million pacemakers due to hacking fears.