Medical devices are the latest to be affected by cyber security flaws, it is emerging. The United States Department of Homeland Security is conducting investigations to verify if hospital equipment and medical devices that could be vulnerable to hacking. A senior official at the US Dept of Homeland Security told news agencies that they were in the process of reviewing Medtronic’s and St. Jude Medical’s implantable heart devices and an infusion pump model manufactured by Hospira. These reviews, sources close to the matter said, were being conducted by the Industrial Control Systems Cyber Emergency Response Team that works under the aegis of the US Dept of Homeland Security.
The people, speaking on condition of anonymity, said that it was too early to overstate the threats imposed by hackers of medical devices. Officials stated that they were not yet aware of any instances where hackers have cracked medical devices to attack patients.
However, the agency is taking every precaution to identify loop holes and seal them given that the possibility of hackers gaining remote control of the devices to compromise the health of patients cannot entirely be ruled out. Hackers could act in very dangerous ways, such as programming an infusion pump to cause a drug overdose in a patient.
A senior official from the US DHS said that the agency was collaborating with manufacturers to spot and repair any cracks and software bugs in medical devices. This, the official opined, would help in keeping confidential patient data secure and prevent any attacks on hospital equipment. The official, however, did not name the companies they were working with. This review does not imply any wrongdoing on the part of the companies whose medical devices are being reviewed. It merely indicates that the government agency is working with these entities to address and resolve problems.