FDA Issues Safety Advice for Cardiac Device Over Hacking Threat

FDA Issues Safety Advice for Cardiac Device Over Hacking Threat

The U.S. Food and Drug Administration has issued new advice about how to safeguard implantable cardiac devices against hackers.

A wireless transmitter used to transmit data from cardiac devices to medical providers, the [email protected] Transmitter made by St. Jude Medical was found to be vulnerable to online hacking, the FDA said.

While no hacking event has been reported, the possibility of tampering was so concerning St. Jude Medical worked with the FDA and the Department of Homeland Security to develop a software patch, which was released yesterday, to help protect the device and patients using it from hacking.

"Many medical devices —- including St. Jude Medical's implantable cardiac devices —- contain configurable embedded computer systems that can be vulnerable to cybersecurity intrusions and exploits," FDA officials said in a statement yesterday.

The transmitter is placed in the home and can be used to monitor a variety of implantable cardiac devices including pacemakers, defibrillators or resynchronization devices and send health data back to a medical provider or the patient. The transmitter also allows doctors to change the device settings remotely.

"As medical technology advances, it’s increasingly important to understand how innovation and cyber security impact physicians and the patients we treat," Dr. Leslie Saxon, chair of St. Jude Medical’s Cyber Security Medical Advisory Board, said in a statement. "We are committed to working to proactively address cyber security risks in medical devices while preserving the proven benefits of remote monitoring to assess patient status and device function."

With the new software patch, the FDA "determined that the health benefits to patients from continued use of the device outweigh the cybersecurity risks."

The FDA advisory comes as concern has been growing about how hacking could affect the medical field. In recent years multiple hospitals have paid ransom after 'ransomware' hacking left their medical files encrypted.

Thomas Lewis, a practice leader of LBMC Information Security, said the benefits of being able to monitor implanted medical devices wirelessly has helped patients tremendously. But it has also increased the risk that devices could be hacked.

"It allows providers to have a 24/7 look at how a patient is doing and that's invaluable when you talk about treatment," said Lewis. However, the continued challenge will be for providers to constantly stay ahead of any malicious actors looking for vulnerabilities on the devices.

"We typically see in emerging technology they aren't as tested and vetted quite as much from a security perspective," said Lewis. He pointed out that protecting these devices from hackers will require providers to constantly test the devices for weaknesses.

Patients with the transmitter are advised to continue a normal routine of check-ups with their doctor and to keep their transmitter connected to WiFi so that it can automatically upgrade with the new software patches. Patients with questions can contact St. Jude Medical's [email protected] customer service at 1-877-My-Merlin.

"The safety and security of patients is always our primary focus," Phil Ebeling, vice president and chief technology officer at St. Jude Medical said in a statement. "We’ll continue to work with agencies, security researchers, physicians and others in the industry in a coordinated way to develop best practices and standards that further enhance the security of devices across the medical industry."



Add Comment

all comments

  Other news

more
March for Science: Thousands in London join global protest

March for Science: Thousands in London join global protest..

22-Apr, 13:25

Thousands of people have gathered in London to join a celebration of...

Liam Payne’s ex-girlfriend Sophia Smith congratulates him on becoming a father

Liam Payne’s ex-girlfriend Sophia Smith congratulates him on becoming a father..

22-Apr, 14:09

Liam Payne’s ex-girlfriend Sophia Smith has congratulated the new dad on...

Alex Jones confirms return to The One Show, three months after giving birth

Alex Jones confirms return to The One Show, three months after giving birth..

23-Apr, 06:08

Alex Jones with husband Charlie Thomson Alex and her husband Charlie...

Acid attacks 'hidden' by fearful victims, say police

Acid attacks 'hidden' by fearful victims, say police..

22-Apr, 10:48

The true extent of acid attacks in Britain may be hidden because victims...

US drops 'mother of all bombs' in Afghanistan, largest non-nuclear weapon

US drops 'mother of all bombs' in Afghanistan, largest non-nuclear weapon..

13-Apr, 13:24

Targeting an ISIS cave complex in eastern Afghanistan, the U.S. military...

Russian government trolls Sara Jessica Parker on Twitter

Russian government trolls Sara Jessica Parker on Twitter..

04-Mar, 06:26

As a high-wattage star, Sarah Jessica Parker is no stranger to internet...

Ivanka Trump bakes Purim pastries with her kids in new photo

Ivanka Trump bakes Purim pastries with her kids in new photo..

11-Mar, 04:29

First daughter Ivanka Trump shared a photo Friday of herself and her two...

German city worker embezzles thousands from parking machines

German city worker embezzles thousands from parking machines..

11-Apr, 08:16

A German city employee who emptied parking machines has been arrested for...