FDA issues new security guidelines so that your pacemaker won’t get hacked

I'm not trying to scare everyone, but as a gaget guy I found this article to be rather interesting.  As more communications is added to medical devices, manufacturers have contend with possible hacking.    The article can be read at:

https://techcrunch.com/2016/12/28/fda-issues-new-security-guidelines-so-that-your-pacemaker-wont-get-hacked/

 

 


4 Comments

PM hack

by Cajun Girl - 2017-01-09 00:21:04

last visit to my EP I asked him about that.  He said without the device to be set over my pm and hooked to that programmer that it could not be hacked!  Hoping he's right, but you never know in this day and age!

Hackers

by Bionic Beat - 2017-01-09 00:39:54

theres an excellent article in Wired, called Go Ahead Hackers Break My Heart.

I do not know how to link it.  

Vulerabilities of medical devices has been well known for years.

i had one removed for sudden, unpredictable battery failure, 13 months ago.  It was a bit scary waiting, as I'm paced 100%.  I'm still here!!

IMO, the reality is that we are very lucky to live in a time where our broken hearts can be so readily mended.  Sure there's a risk but life is all about risks.  That's what makes it fun.    :-))

 

 

Pacemaker security - I'm relaxed

by LondonAndy - 2017-01-09 19:24:52

Whilst I agree it is sensible for manufacturers of pacemakers to think about security of these life-saving devices, personally this is not high on my list of concerns.  As Cajun Girl says, they'd have to get pretty close to do anything, and it seems an unlikely 'attack' for us normal bods.  If I was a billionaire perhaps I would take a different view!  

Also, whilst it might be sensible to announce an issue within 30 days of discovery, it sounds a pretty tall order to then roll out a fix for it to all users within 60 days of discovery, though I realise reprogramming doesn't require surgery, given that some 600,000 are inserted every year worldwide.  

Re: Hackers

by N8UAD - 2017-01-12 14:02:54

This is much ado about nothing. I have a St. Jude ICD, and Merlin@Home. I'm not losing any sleep over this. I have always assumed (apparently correctly) that this was POSSIBLE. However it isn't practical. In order for someone to establish a commincations link with your device they would have to be 6 to 10 feet from you, it would be so obvious that they were doing it that you could literally walk up to them with a bat and beat them senseless. Also, they would have to know the adressing information for your device to establish a link, not likely, they can't just send random commands "in the blind" they have to have an established link. They COULD try to get in through the Merlin network, but that thing is guarded better than most military bases that I've been on. I have worked on communications systems for 34 years, both digital and analog, via RF (like Merlin), and via hard wire. Is it possible? Yeah, is it likely? Not really, you'd have to be a high value target for someone to invest that kind of time and energy int "trying to get you". The whole thing reminds me of "the sky is falling". It's ridiculous.

You know you're wired when...

Intel inside is your motto.

Member Quotes

I’m healthy as a horse because of the pacemaker.