Please login to the form below

Could hackers threaten your health?

Increasing cyber threats mean medical device providers must now take security matters more seriously, writes our Say technology blogger.
Like many industries, healthcare has been swept up in an ever-growing tide of technological innovation. New technology can increase the quality and capabilities of medical care without causing a corresponding increase in cost. However, this innovation also carries a degree of risk.

Last year researchers from the University of Leuven in Belgium and the University of Birmingham in the UK found a way to hack into implanted medical devices. Intercepting signals between pacemakers and their programmers, they were able to steal medical information, drain the device’s battery, and even send malicious messages, causing the devices to malfunction and disrupt critical lifesaving care.

This problem is not isolated. Implanted devices often connect to sensors and monitors within a hospital without using passwords, encryption or other security measures. Wireless connectivity and remote monitoring make it easier for health providers to adjust device settings without invasive procedures, but they also create a potential ‘back-door’ into hospital networks. Unsecured devices can provide hackers with an entry point to steal valuable medical data or launch a widespread ransomware attack.

Unfortunately, hospitals make appealing targets. Not only do they hold valuable troves of highly sensitive data, which can be used for anything from identity theft to illegally obtaining prescription medication, they also hold responsibility for hundreds of lives. If a hospital’s network is shut down by ransomware, they must act quickly to take back control and safeguard patients.

The global WannaCry ransomware attack in May proved that this risk is real. The attack severely impacted NHS health services in the UK and even, as Forbes’ Thomas Brewster reported, spread to some medical devices in the USA, showing just how vulnerable healthcare can be to a cyberattack.

Luckily, medical device makers are waking up to this growing threat. In this year’s Def Con hacking conference, representatives from the US FDA, the government body responsible for the security of medical devices, spoke for the first time.  Attempting to spark a dialogue between medical device makers and “white hat” hackers, their main goal was to encourage cooperation. If both sides work together, they can find potential flaws and vulnerabilities in medical equipment, enabling companies to fix them before they can be exploited. At the same time, producers of medical devices (including Johnson & Johnson and Philips) have also started sending staff to Def Con in order to keep abreast of the latest developments in cybersecurity.

After being hit by recent discoveries of security flaws in on-the-market insulin pumps, pacemakers, and infusion pumps, cyber security researchers and medical suppliers are even considering a “Hippocratic oath” for device makers who, like doctors, would vow to act in the best interest of patients. There has also been an increase in regulatory action, with the FDA now requiring a firmware update intended to reduce the risk of a certain type of cardiac pacemaker being hacked.

While it is impossible to deny the myriad advantages that come with today’s advancing medical technology, increasing cyber threats mean medical device providers must now take security matters to heart, literally.

29th September 2017

Share

Tags

Company Details

Say Communications

+44 (0)20 8971 6400

Contact Website

Address:
The Courtyard
7 Francis Grove
Wimbledon
London
SW19 4DW
UK

Latest content on this profile

Australian Flu and the dilemma of naming diseases

Say Communications
How human differences can affect communication success by Samantha Lynne
DISC Consultant Samantha Lynne examines how human differences affect communication success.
Say Communications
Could hackers threaten your health?
Increasing cyber threats mean medical device providers must now take security matters more seriously, writes our Say technology blogger.
Say Communications
Can we ‘outsmart’ smartphone addiction by using it to develop effective health apps?
Are you guilty of repeatedly checking your phone 24/7? Our new blog explores what makes them so addictive and how understanding this may help us develop more effective health apps.
Say Communications
Why I think rare disease companies are more patient-centric
Guest blogger Kamlesh Sheth believes companies that specialise in rare disease tend to be more patient-centric.
Say Communications
Embracing the demands of the empowered ‘consumer-savvy’ patient by Ann Generlich

Say Communications