Securing medical devices: Can a hacker break your heart?

Why are connected medical devices vulnerable to attack and how likely are they to get hacked? Here are five digital chinks in the armor.



There’s virtually no realm in healthcare today that isn’t adopting more technology. From real-time wireless access to your own health parameters through smart watches and wearables to implanted devices inside your body, technology is coming. But can we secure it all?


Several years ago at Black Hat, we saw an insulin pump being hacked. And whether or not the lion’s share of software on that device was off the shelf, regulators say that the integrator is responsible for security up and down the stack, including the underlying operating system (OS), even if that OS has a good security track record. In other words: Device manufacturers bear the responsibility, no matter what technology they use.


While that places the burden of security on the manufacturer, it also steeply increases the cost and complexity of bringing a device to market. As a result, while market pressures lean on companies to produce devices quickly, the road ahead looks rocky and expensive. It can also put patients on the defensive without their knowing it.


And what about patches: who’s responsible for those? According to the FDA, the manufacturer is responsible for those too. With some medical devices expected to be around for many years, that’s a long time to pay to support gear in the field.


What makes the devices vulnerable and how likely are they to get hacked? As this week’s theme of securing medical devices hacker break heart