Medical Devices At Risk
Washington: Researchers said that medical devices such as pacemakers are vulnerable
to attacks
by hackers, by gaining access to the patient’s private in formations or to re-programmed those devices and thus putting their health in serious risk.
A US study showed that in lab tests, the research team was able to intercept signals sent from an implantable cardiac defibrillator (ICD). The research team led by computer scientists Kevin Fu of the University of Massachusetts and Tadayoshi Kohno of the University of Washington, and cardiologist William Maisel of Harvard Medical School. According to Fu, those devices contained patient’s private information such as name, therapy settings, diagnostic details and etc. The research team even managed to modify the settings on the device using an unauthorized machine that they have build. Today’s ICDs typically can receive
wireless signals over a small distance, but new technology is enabling the longer distance wireless receiving range of the devices, and thus creating greater potential for information to be intercepted. Fortunately, there are no reported cases of patient with ICD or pacemaker being targeted by hackers. The major concern is what will happen as these devices become more advance, as they embrace wireless technology and connected to the internet, and begin to hook up with other devices. Fu said in the future, these devices may be able to communicate to a drug pump in our body.
So the team wanted to make sure that the community understands how
security and privacy affect more traditional goals of safety and effectiveness as new technologies are being integrated into medical devices.
Maisel said the main aim of the study was to encourage the medical device industry to think more carefully about the security and privacy of patient information, especially over the wide spread of wireless communication application. Despite the security flaws shown up by the study, Fu stressed that the pros of being fitted with a pacemaker outweigh the security and privacy-related cons.
The peer –reviewed report will be presented and published at the Institute of Electrical and Electronic Engineers Symposium on Security and Privacy in Oakland, California in may.