by Michael Hatamoto
Modern technology has helped save countless lives, but there is a growing threat that some biotech companies may be ignoring – implanted devices that can be hacked by skilled criminals.
There haven’t been specific cases of these devices being compromised, but recent demonstrations at Black Hat — and an increase in online reports of medical device security issues — has lawmakers worried about loopholes that must be fixed.
Earlier in the year, a security expert named Jerome Radcliffe hacked his insulin pump’s hardware onstage by reverse-engineering the device. He was able to use a small radio frequency transmitter to disable the device, along with controlling how much insulin was pumped using the pump.
“My initial reaction was that this was really cool from a technical perspective,” Radcliffe said in an interview with the AP. “The second reaction was one of maybe sheer terror, to know that there’s no security around the devices which are a very active part of keeping me alive.”
Although it wasn’t easy to successfully hack the device, security experts find it alarming that Radcliffe was able to intercept the pump’s wireless signals.
Individual hackers likely won’t be able to suddenly tamper with these devices anytime soon, but criminals familiar with medical technology could pose a threat if they attack a specific device. Furthermore, Medtronic, one of the biggest medical device suppliers, doubts whether or not Radcliffe and other hackers would be able to tamper with wireless devices in the real world.
Even so, researchers are actively working to design a jamming device to prevent anyone from tampering and changing how medical devices are supposed to work.
The Federal Communications Commission (FCC) is facing increased scrutiny from the Government Accountability Office (GAO) and lawmakers concerned that certain medical devices can be hacked. Of note, Edward Markey (D-Mass.) and Anna G. Eshoo (D-Calif.) are concerned that devices like insulin pumps, pacemakers and blood-glucose monitors can be tampered with by criminals.
In Europe, the European Union is currently trying to find methods to ensure the increasing blend between medicine and technology is done properly — an important issue as the number of people connected to electronic medical devices also increases. Meanwhile, U.S. lawmakers want the GAO to evaluate these security risks, noting that medical devices must operate in a “safe, reliable, and secure manner.”