Hacking Medical Devices – What You Need to Know

Hello, and happy summer!!!

This month, our article might be a little short, but perhaps it is better to sometimes be more of a public service announcement.

More and more attention is being paid towards actual medical devices being hacked. This is possibly the number one next big thing in medical technology management and security.

Yep, that’s right, in some cases implanted medical devices can and are being hacked. While most of this type of things starts out, as a let me see if I can do this type scenario, it usually and quickly turns to something more malicious. As such, this is starting to gain more and more attention as this covers a very wide range of concerns.

Some have estimated that at anyone one time more than ten devices can be hooked up to a patient while in the hospital, of which the majority of those devices are “hackable”. This then ranges all the way to implanted devices such as pacemakers etc.

Keep in mind anything on the patient, in the patient’s room or literally in the patient themselves that has any form of connectivity be it networked, radio transmitted, any form of wireless connectivity providing information to the providers, has a security risk.

Recently Abbott recalled almost 500,000 pacemakers which had been marked as a high risk for being hacked and thus recalled by the manufacturer.

Think about the implications with this issue, what if a world leader had such a device and it was hacked by a foreign entity? Corporate leadership, civic leaders, local government officials, this list goes on and presents a real danger if these devices are not protected. Most of these devices have the ability to be maintained and updated through firmware updates. So now, you need to make sure your medical devices as well as in-office networks are kept up to date with the latest patch protection.

Other systems such as Infusion Pumps, and MRI Systems are and have been targeted by hackers. They have been hacked for the purpose of impacting the actual ability for the device to function to adjusting the prescribed delivery of medications.

A fairly widely published attack a few short years back, was from North Korea, an estimated quarter million MRI machines throughout the United Kingdom were hit. To date the full impact of this attack is still unknown. But reports of impacted ranged from access to the devices and connected networks at the administrative level. Leaving machines unusable and in many cases showing adjustments that had been made to the machines function, all done remotely.

Again, our intent is not scream that the sky is falling and everything in our lives are being hacked. Our intent is to inform, to provide a forum for thought and conversation. The more these topics are discussed and addressed through proper management from a user level and network security level, the more we can plan and ready ourselves for the next wave of technology related attacks.

Venture Pointe is always ready to discuss these issues with any practice or agency. Please give us a call and see why we have once again made the list of the fifty fastest growing companies in northeast Florida.