Clinical Engineering Bank

  Be inspired by your Profession  

CE Blog Post New Entry

Can medical devices be hacked like remote-controlled cars?

Posted by Salah Alkhallagi on August 4, 2015 at 8:02 AM

By Adam Rubenfire | July 22, 2015

Two hackers recently proved to Wired magazine that they could wirelessly hack into a Jeep and other vehicles and remotely take control of them.Scarier still? Hackers have demonstrated that they can tamper with medical devices that can mean life or death for patients. “It’s not a conspiracy theory. It is absolutely true that our medical devices are one of the most insecure areas in healthcare today,” said Mac McMillan, a healthcare security expert and founder of CynergisTek, an Austin, Texas-based security consultancy.Implanted defibrillators and pacemakers, insulin pumps and just about every wearable or in-hospital medical device connected to the Internet has been hacked or proven insecure, McMillan said.

Recently, a hack called Medjack has been used to compromise multiple devices in an effort to steal data from hospital networks.


Medjack “has been successful at exploiting the weakness in medical devices to allow an attacker to compromise the network,” McMillan said.


The federal government isn’t working fast enough to address the issue, McMillan said, partly because of the hodgepodge of agencies involved, including the Food and Drug Administration, the Federal Communications Commission, the Department of Homeland Security and HHS’ Office for Civil Rights, just to name a few.


The FDA has recommended that medical-device manufacturers submit documentation regarding cybersecurity issues during the pre-approval process, but McMillan said the industry otherwise lacks regulation on this issue.


Despite vulnerabilities in medical devices, patients are overwhelmingly safer using devices than not using them, said Kevin Fu, an associate engineering professor at the University of Michigan and chief scientist at Virta Laboratories, which is developing a malware detection device for hospital equipment.


Fu said the industry has a long way to go, but there are systems in place to ensure patients’ safety. Part of the problem is that most medical-device engineers aren’t taught IT security in school and have been somewhat unaware of the risk in the past, he said.


Though it’s unlikely patients would be harmed through their implantable devices, it wouldn’t be out of the question for a hacker to use garden-variety malware to infiltrate a hospital’s network and coincidentally break into a medical device running old, vulnerable operating systems, Fu said. Such an attack could prevent infusion pumps from working or cause patient monitors to display incorrect information.


Manufacturers need to make devices that are inherently secure and work directly with hospitals to implement their devices in a protected configuration, Fu said. Devicemakers can’t simply require that the device be installed on a “secure network,” because these days that’s much easier said than done.


“I think a manufacturer can no longer just assume that they’ll provide the device to the hospital, and say, ‘We’ve done our job,’ ” Fu said. “It needs to be much more interactive, because every network is different.”


Industrywide “security hygiene” standards are being formulated through groups like the Association for Advancement of Medical Instrumentation, Fu said, but those efforts are still in their early stages.


Some hospitals have found workarounds to protect the connected devices on their internal wired or wireless networks, but they shouldn’t have to accommodate devicemakers’ often-antiquated operating systems, McMillan said. Manufacturers likely aren’t jumping to work on security because it could force them to undergo the costly process of rewriting outdated code.


“Until someone says they need to address this, bottom line is they’re being driven by their bottom line,” McMillan said.

Categories: Medical Equipment, Healthcare Technology, Safety

Post a Comment


Oops, you forgot something.


The words you entered did not match the given text. Please try again.

Already a member? Sign In


Reply SlidaySak
5:59 PM on February 23, 2023 
These medications work to relax the blood vessels to lower the pressure your heart has to pump against cheap cialis online pharmacy Erythema nodosum in Israeli children
Reply QuinueFub
12:57 AM on February 21, 2023 
Rising blood pressure is a normal process of aging and does not require drug intervention even when it reaches 140 80 buying generic cialis online safe
Reply exharce
3:21 AM on February 10, 2023 
nolvadex for sale uk There seemed difference between furosemide and torsemide to be countless winds whistling in the sigh, I know your wish
Reply Astenly
11:35 PM on February 5, 2023 
8percent loss on the S P 500 index clomid nolvadex pct
Reply Paddipwag
7:49 PM on February 5, 2023 
Therefore, treatment with ketoprofen extended release capsules is not recommended in these patients with advanced renal disease where sells genuine clomid in the uk Keywords breast cancer; drug induced lung injury; tamoxifen
Reply Flictar
4:42 AM on February 4, 2023 
buy zithromax online without a prescription The Ticton tribesmen have not made a move since, Nor did they pursue the retreating army of the Duchy of Are, You gave me thousands of miles of land as a can i take hemp oil with blood pressure meds gift, and our descendants will take good care of this gift for thousands of years
Reply Astenly
6:34 AM on February 3, 2023 
Monitor Closely 1 erythromycin base will increase the level or effect of daridorexant by affecting hepatic intestinal enzyme CYP3A4 metabolism free clomid
Reply annebra
11:00 PM on January 25, 2023 
priligy generico Mortality from breast cancer ranks second only to lung cancer, with 40, 470 breast cancer deaths predicted in 2009 1
Reply unloxia
2:26 AM on December 17, 2022 
If you have or have had thyroid cancer, you probably want to know if there are things you can do that might lower your risk of the cancer growing or coming back, such as exercising, eating a certain type of diet, or taking nutritional supplements stromectol tablets While we were unable to prove an etiological connection between the tea and our cases, the temporal association is compelling
Reply prayecy
9:53 PM on December 12, 2022 
how to order clomid on line in canada This work was also funded by Stand Strong, Ryan s Quest, Michael s Cause, and Pietro s Fight all to KRW; a Maryland Stem Cell Fellowship to CS; and American Heart Association Career Development Award 19CDA34760161 to PA
Reply mymnimpen
5:10 PM on December 7, 2022 
Lumpectomy and radiation treatment for invasive lobular carcinoma of the breast tamoxifen citrate 20mg
Reply critele
1:54 PM on November 23, 2022 
Some bind to cardiolipin antigen, used in serologic tests for syphilis, so patients with lupus may have a false positive test result for syphilis ?ยป?stromectol
11:53 AM on November 20, 2022 
Long term toxicities and impaired quality of life should be considered in decision making lasix side effects in dogs Arterial Blood Pressure and Echo Tracking Analysis
Reply Braitiawn
9:14 PM on November 19, 2022 
doxycycline cost The photo of this author will be reset to default one
Reply earneli
5:40 PM on November 18, 2022 
Lancellotti P, Nkomo VT, Badano LP, Bergler J, Bogaert J, Davin L, et al ordering tamoxifen and clomid
Reply Cefethede
1:02 PM on November 13, 2022 
priligy side effects Monitor Closely 1 hydrocortisone will decrease the level or effect of repaglinide by affecting hepatic intestinal enzyme CYP3A4 metabolism
Reply Evosume
1:38 PM on November 5, 2022 
Skin Subcutaneous Tissue tamoxifen dose
Reply Intebra
6:40 AM on August 15, 2022 
ivermectin purchase online Sildenafil G???โ€š????โ€œ?????โ€™??nstig Online Kaufen
Reply Frirway
10:29 PM on July 26, 2022 
Purchase No Prescription Flagyl Pharmacy best generic cialis

Oops! This site has expired.

If you are the site owner, please renew your premium subscription or contact support.