Medical devices need to be careful about security vulnerabilities.
When we are grooming the #wearable #medical #devices industry, the bad news is the security vulnerabilities of these devices. A Recent report finds many #security #vulnerabilities in connected, implantable medical devices.
Medical device security report:
A recent report from security firm WhiteScope describes more than 8,600 flaws in pacemaker systems. And the third-party libraries that power various components of the devices. The broad list of flaws includes a lack of encryption and authentication, simple bugs in the code and poor design that can put patient lives at risk. These vulnerabilities were associated with outdated libraries used in pacemaker programmer software. WhiteScope analyzed seven different pacemaker programmers from four different manufacturers with a focus on programmers that rely on modern radio frequency. The programmers are used to monitor the function of implantable devices and set therapy parameters.
Most of these systems run on a similar architecture including an implanted medical device. A home monitoring system, a pacemaker programmer and a cloud-based infrastructure that relayed data to a physician.One manufacturer alone had 3,715 flaws and another had 2,354. In one instance. The researchers found the models didn’t require physicians to authenticate a programmer, and the programmers didn’t authenticate implantable pacemakers. Which means anyone who can get within range of the device can alter the implanted device’s settings.
This isn’t the first time #medical #device #security has been under fire. St. Jude and Abbot’s medical devices have been #criticized since fall of 2016. ICS-CERT and the U.S. Food and Drug Administration have released warnings about medical devices since 2013