As we increasingly put medical devices into our bodies, and able to interact with them with all kinds of apps, the question has to be asked – just how safe are these devices from being hacked?
When it comes to medicine we think of bugs and viruses as something that, at best, make us sick and, at the worst, can kill us. What we don't think of is what effect the electronic versions of those things could have on the medical devices that are becoming all the more prevalent as we seek to overcome illness and other medical maladies.
In fact the very idea of anyone being able to hack medical devices, like pacemakers, don't even register in our conversations about the dangers of technology when in fact the ability to hack pacemakers has been doable for some time and the terrifying part of this is that agencies like the FDA in the US don't even have any types regulations in place when it comes to security in relation to medical devices.
This type of technology is increasingly important in our lives as more and more people become reliant on some sort of medical device, and while devices have been around for a very long time, it is only within the last ten years or so that they have become totally accessible. It is this accessibility that allows doctors, and patients, to collect all kinds of data; but it is that kind of accessibility that also makes them vulnerable to illegal and dangerous attacks.
Last year big news was made at one of the security conferences when a researcher hacked into his insulin pump using nothing more than a cheap Arduino module that cost less than $20. This was followed up by another example from a researcher at McAfee who could scan for and compromise insulin pumps wirelessly; and then cause any pump within 300 feet to dump its entire contents.
The same researcher showed at another conference how he had reverse-engineered a pacemaker so that it could deliver an 830-volt shock to a person's device from 50 feet away – in other words a medical assassination.
This medical cybercrime isn't just being directed at personal medical devices either as hospitals are starting to see a dangerous rise in malware infections in their computerized equipment. Part of the blame can be placed on manufacturers who are running older versions of Windows on their equipment and not allowing that equipment to be modified regardless of the fact that it could be desperately needed security updates for those systems.
While government regulators have been studying the issue the fact is that we are going to have to be even more stringent when it comes to security and the medical devices that our lives depend on.