A global research team has hacked 10 different types of implantable medical devices and pacemakers finding exploits that could allow wireless remote attackers to kill victims. IT security experts from Tripwire commented below.
Lamar Bailey, Sr. Director, Security R&D at Tripwire:
“Connected products from refrigerators to medical devices are on the cutting edge of technology but security is taking a backseat to features as companies pump out these products as fast as possible to meet market demands. It is reminiscent of the changes that automobiles have been going through since their inception. It was not until the late 1960’s that the US government had to step in and mandate safety standards. We will likely see a similar trend with connected medical products if the industry cannot take care of it themselves. It is not an easy problem to solve due to a shortage of quality security engineers and the fact that most of them have been snapped up by the computer industry.
This is a problem that must be solved because any medical device that communicates to other devices is subject to attack. Many of the medical devices including pacemakers, IV pumps, etc. communicate over wireless networks so that they can be monitored and adjusted in real time but this communication can be intercepted and man in the middle attacks are possible in many instances. Hospitals are busy places, the nurses and doctors are thinking about their patients not how secure the equipment is with all the people walking in and out of various rooms. Vendors must step up and insure their devices are secure and take steps to impede any unauthorized tampering.”
Tim Erlin, Sr. Director, Product Management at Tripwire:
“The best time to deal with security flaws is before the product ships to customers. With implantable devices, it’s especially important that as many security defects as possible be addressed before a patient takes delivery.
There will always be newly discovered attack techniques and motivated researchers. With a changing threat landscape, vendors of implantable devices must plan for updating their products throughout their functional life.”
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Most Active Commenters
Recent Comments
Chat systems such as Slack and Teams need to be…
“This is a sophisticated phishing scam that will catch out…
“Cybersecurity is increasingly complex, in part, due to the interconnected…
“Unfortunately, time and time again we see NGOs, hospitals and…
As I have always said - it is verified trust…