Medicine News

Life threatening risk: Hackers can take over defibrillators, rewrite commands with disastrous consequences – DHS warning

08/01/2019 / By

The Department of Homeland Security is warning against a critical flaw in Medtronic defibrillators which can be hacked by malicious actors. If a hacker were to exploit this flaw, they could gain control of the machine and rewrite commands — actions which could have fatal consequences. At the time of this reporting, there have been no documented incidents involving patients harmed by hacked devices. Medtronic is currently working on a fix for the bug in their defibrillators, but in the meantime, some 750,000 of their devices are impacted by the flaw.

When you hear the word “defibrillator,” you may think of the automated external defibrillator (AED), which a healthcare professional may use during the instance of sudden cardiac arrest. But there are other types of defibrillators, such as implantable or wearable cardioverter-defibrillators. These devices are attached to the patient in some capacity and are used to prevent sudden death in people with life-threatening arrythmias.

Medtronic produces implantable defibrillators — which means that the gaping security flaw in their devices puts many thousands of patients’ lives at risk.

Medtronic defibrillators vulnerable to hacking

As Daily Mail reports, security researchers from the Clever Security firm discovered the vulnerability in Medtronic implantable defibrillators earlier this year. Flaws in how they communicate with the radios doctors use to track and adjust the devices after implantation could be exploited by hackers. Specifically, the Conexus communications protocol used by Medtronic is not encrypted and does not require user authentication — two big missteps in the world of cybersecurity.

ebook Discover how to prevent and reverse heart disease (and other cardio related events) with this free ebook: Written by popular Natural News writer Vicki Batt, this book includes everything you need to know about preventing heart disease, reversing hypertension, and nurturing your cardiac health without medication. Learn More.

If these vulnerabilities were to be exploited, attackers could interrupt communications and change information on the device — potentially weaponizing the defibrillator and harming the patient. In addition to interfering with device functionality, attackers could gain access to any sensitive information stored on it.

DHS has given this threat a rating of 9.3 out of 10, noting that it requires “low skill to exploit.” However, a malicious actor would have to be in close proximity to the patient in order to carry out their attack.

As Threatpost reports, 20 different products made by Medtronic are affected by these flaws — and an estimated total of 750,000 devices may be vulnerable.

A Medtronic spokesperson told Threatpost that the company is “conducting security checks to look for unauthorized or unusual activity that could be related to these issues.” The company reports that there have been no attacks on vulnerable devices so far, and that there will be a series of software updates to resolve these security issues. The spokesperson told Threatpost that the first update will come in late 2019, pending regulatory approval.

However, there is still a greater problem at hand: Many medical devices are vulnerable to being attacked and exploited.

Many medical devices at risk

Cybersecurity experts have been warning about potential vulnerabilities in medical devices for quite some time. In 2018, CBS News reported that the federal government was investigating potential risks in devices such as pacemakers, insulin pumps and defibrillators.

At the time, government agencies said there were no reported incidents of medical devices being hacked and used to harm patients — but a pair of cybersecurity experts contends that the threat of exploitation is imminent. Security researchers Billy Rios and Johnathan Butts said they were able to hack every device they examined. And as the Medtronic flaws show, in many cases, you don’t need much skill to exploit the flaws seen in medical devices.

Many devices that are used to keep people alive — from drug infusion pumps to pacemakers — can be easily infiltrated. While data breaches can be devastating, hacking a medical device could kill a targeted patient.

It is no wonder security experts are now calling on medical device makers to take the security of their devices more seriously.

Learn more about hacking and cybersecurity at Glitch.news.

Sources for this article include:

DailyMail.co.uk

Threatpost.com

CBSNews.com

Tagged Under: , , , , , , , , , , ,

Comments
comments powered by Disqus

RECENT NEWS & ARTICLES

CWC Labs releases heavy metals test results for FIVE more popular probiotics supplements, revealing near-zero lead levels
08/23/2019 / By Mike Adams
Medical research breakthrough: Scientists can now measure microscopic vibrations to identify proteins, similar to “fingerprinting”
08/23/2019 / By Stephanie Diaz
Analyzing the effects of silibinin against prothrombin kringle-2-induced neurodegeneration
08/23/2019 / By Evangelyn Rodriguez
Socialized medicine in Canada: No money to keep you alive, but plenty of government funds to help you commit suicide
08/22/2019 / By Isabelle Z.
Reduce inflammation to improve heart health: Study
08/22/2019 / By Evangelyn Rodriguez
Worried about heart disease? Sleep on it – it’s good for your arteries
08/22/2019 / By Evangelyn Rodriguez
Deadly blow to the chest does not affect heart contraction, according to research
08/22/2019 / By Edsel Cook
Just ONE serving of greens per day helps delay brain aging by over a decade
08/22/2019 / By Janine Acero
JAMA study finds that drinking fluoridated water causes brain damage in children
08/22/2019 / By Ethan Huff
Statins are a scam: Learn the secrets of natural heart health with Natural News’ latest book
08/22/2019 / By Vicki Batts
The brain adapts: Boy’s brain rewired itself to compensate when a huge piece was removed
08/22/2019 / By Ralph Flores
Case report: A person with diabetic foot exhibited improved wound healing with integrative approach
08/22/2019 / By Evangelyn Rodriguez
If you can’t ban it, steal it: How Big Pharma is trying to gain control of the cannabis industry
08/21/2019 / By Tracey Watson
A component of ginseng found to have anti-tumor effects against liver cancer
08/21/2019 / By Evangelyn Rodriguez
Clinical review finds electroacupuncture treats postoperative urinary retention in women
08/21/2019 / By Ralph Flores
CBD is proving to be an effective natural treatment for depression
08/20/2019 / By Vicki Batts
Make dietary changes to manage your underactive thyroid naturally
08/20/2019 / By Zoey Sky
Brazilian ironwood, or leopard tree, found to reduce joint pain
08/20/2019 / By Stephanie Diaz
Researchers use electrical stimulation to improve depression symptoms
08/20/2019 / By Edsel Cook
Do you often get up in the middle of the night to pee? You may have blood pressure abnormalities
08/20/2019 / By Evangelyn Rodriguez

Medicine.News is a fact-based public education website published by Medicine News Features, LLC.

All content copyright © 2018 by Medicine News Features, LLC.

Contact Us with Tips or Corrections

All trademarks, registered trademarks and servicemarks mentioned on this site are the property of their respective owners.

Privacy Policy