By B.N. Frank
Experts have determined that anything wirelessly connected has the potential of being hacked – including medical devices and implants. In 2007, Former Vice President Dick Cheney had the wireless connection disabled on his pacemaker because he was afraid someone would try to murder him by hacking into it.
This possibility has been reported by many experts over the years and in 2017, the FDA recalled almost ½ million pacemakers due to hacking fears. This is why it makes NO sense that the FDA continues to approve the use wireless medical devices and implants anyway. But they have, and may continue to do so despite new risks they reported in July and again yesterday.
From Press Release 1:
Today, the U.S. Food and Drug Administration is informing patients, health care professionals, IT staff in health care facilities and manufacturers of a set of cybersecurity vulnerabilities, referred to as “URGENT/11,” that—if exploited by a remote attacker—may introduce risks for medical devices and hospital networks. URGENT/11 affects several operating systems that may then impact certain medical devices connected to a communications network, such as wi-fi and public or home Internet, as well as other connected equipment such as routers, connected phones and other critical infrastructure equipment. These cybersecurity vulnerabilities may allow a remote user to take control of a medical device and change its function, cause denial of service, or cause information leaks or logical flaws, which may prevent a device from functioning properly or at all.
To date, the FDA has not received any adverse event reports associated with these vulnerabilities. The public was first informed of these vulnerabilities in a July 2019 advisory sent by the Department of Homeland Security. Today, the FDA is providing additional information regarding the source of these vulnerabilities and recommendations for reducing or avoiding risks the vulnerabilities may pose to certain medical devices.
“While advanced devices can offer safer, more convenient and timely health care delivery, a medical device connected to a communications network could have cybersecurity vulnerabilities that could be exploited resulting in patient harm,” said Amy Abernethy, M.D., Ph.D., FDA’s principal deputy commissioner.