With hacking becoming more prevalent it seems we’re at one of those cross roads. The General Accountability Office is preparing a report on the security vulnerability of wireless medical devices. The report is due next month and may propose that a federal agency review device security before devices are approved for public use. Wireless medical devices, such as pace makers and automatic insulin pumps, have been in use for years – long before patients and doctors had to worry about the possibility of outside forces wirelessly tampering with the devices’ functionality. Now, that possibility is not so remote. Malware has already been found on some wireless medical devices and the possibility of a live hack was recently demonstrated. Here’s what happened, from Information Week:
Congressional interest in the issue was prompted by a public demonstration of how easy it is to hack into a medical device: Security researcher Jeremy Radcliffe hacked his own insulin pump at a recent conference in Las Vegas, using a dongle attached to a PC port to change settings on the device wirelessly.
In 2008, researchers at the Medical Device Security Center in Amherst, MA, also hacked pacemakers and defibrillators wirelessly. An article in Wired Magazine noted that an attacker could use such an approach to kill somebody by sending a fatal shock to a pacemaker, for example.
The FDA has so far received no reports of patient safety incidents tied to the hacking of medical devices such as heart monitors and infusion pumps. But a Department of Veterans Affairs (VA) study showed that between January 2009 and spring 2011, there were 173 incidents of medical devices being infected with malware. The VA has taken the threat seriously enough to use virtual local area networks to isolate some 50,000 devices.
Read the full report at Information Week >>>
Technology is so weaved into our everyday lives that it can be easy to forget about it. Or easy to think it’s safe because it has always been. But as technology continues to advance it’s going to become increasingly important to back track and thoroughly test older technologies against today’s threats.
Security testing, especially skilled white-hat testing, is going to be a key need for new technologies – like wireless car starters, auto driving functions and advanced medical devices. But it’s going to be even more important to existing technologies, like pacemakers, insulin pumps and home security systems.