medical devices are also being hacked …

January 15, 2020

Be careful with smart health connected devices. Lately, it was a smart health connected Jeep that two hackers were sending into a ditch. In the United States, federal regulators have released a press release warning users of a pump used to deliver drugs to patients.

If it’s not about becoming paranoid and cutting yourself off from any form of technology, it’s important to keep in mind that 100% security does not exist. If today computers can make medical devices more precise, they are still not immune to hackers. A malicious hacker who manages to make his way to a heart simulator or an insulin pump can do much more damage than hacking a computer or smartphone.

The US government has for some years already warned the public about the risks of hacking smart health connected medical devices. Friday, July 31, the U.S. Food and Drug Administration (FDA) published on its website a press release warning of the risks of using the Symbiq Infusion System, from the medical device manufacturer Hospira. This infusion system, mainly used in hospitals, nursing homes and ambulatory centers, can communicate with a Hospital Information System (HIS), by means of a wired or wireless connection on the infrastructure of installation networks. "FDA alerts users of the Hospira Symbic Infusion System cybersecurity vulnerabilities with this infusion pump. We strongly encourage health care facilities to use alternative infusion systems, and stop using this pump“, Can we read in the press release.

A potentially fatal security breach

A security breach, which “could allow an unauthorized user to check the device and change the dosage delivered by the pump, which could lead to overdose or underdosing of critical treatments for patients". In an interview with the Washington Post, Jay Radcliffe, who demonstrated in 2011 a way to wirelessly hack a computerized insulin pump, stated that the risks posed by these types of vulnerabilities are potentially more frightening than other medical device vulnerabilities. "These devices are actively smart health connected to the hospital network – and depending on how the network is set up, someone could potentially be able to access it from the Internet.“, He explains.

"There is no question that these vulnerabilities can be used to kill someone."Billy Rios, a former Google software engineer, who now works as a security consultant and is credited by the Department of Homeland Security with finding problems with certain Hospira pumps, told the Washington Post. The manufacturer explains on his website have stopped manufacturing the device as part of a larger strategy for change and is withdrawing it from the market. This type of problem would not be specific to Hospira, “We are still in the process of getting all companies to the same level of understanding (which implies) as if your device uses computers, you must be prepared to patch them (modify the program temporarily to correct an error) and update them“Says Radcliffe to the Washington Post.

[ad_2]