Drugs and technology What's Buzzing

Can your pacemaker be hacked?

Written by Diane Archer

An article on Wired.com describes the scary security issues that come with high-tech medical devices. These health technology devices can be super “smart,” allowing remote control adjustment to better serve your medical needs. But, if they are not secure, patient safety is compromised, and it’s possible that someone could take control of your body. Can your pacemaker be hacked?

In brief, pacemakers, insulin pumps, defibrillators and a wide range of electronic medical equipment are all subject to hacking. You should not assume that the manufacturers of this health technology have put in place the security to prevent hacking. And, when electronic medical equipment is hackable, someone at a computer on the other side of the world could wreak havoc on patient safety, for example deactivating pacemakers or releasing insulin overdoses.

What’s even scarier is that if hackers can control a single medical device, there’s the potential for them to control the monitors that work in tandem with the device and, in turn, the pool of information and networks associated with that device and all related devices at a hospital. Medical records could be stolen. Entire systems controlling medical devices could be held hostage.

Today, hospitals often use a dozen or more “smart” devices to monitor and treat patients, potentially compromising patient safety and imposing grave risk on everyone they are treating. MRI machines and CT scanners can be easy targets for hackers as well, and hospitals may not even be paying attention.

While we haven’t heard much about medical device hacking, in the last three years “the health care sector has been hacked even more than the financial sector,” according to the chief technology officer at Zingbox.  “And more and more hacking incidents are targeting medical devices.” This is real and serious.

MedJack, a current hack, steals medical data and uses it for identity theft and prescription medication theft.  In the last year, Rainbow Children’s Clinic in Texas and Hollywood Presbyterian Medical Center were hacked. These attacks can and do disable computers, email, and other hospital systems.

Since 2013, the FDA has been assessing cybersecurity on medical devices before approving them. But, it’s just a start. For now, we are all at some risk. And, it’s not at all clear how we protect ourselves, short of staying healthy and out of the hospital.

Here’s more from Just Care:


Leave a Comment

Read previous post:
Are disease groups industry fronts?

During the health care reform debate, the overwhelming majority of groups representing people with particular diseases--so-called "patient-advocacy" organizations--opposed prescription drug...