Understanding Cybersecurity Threats To Medical Devices

The reality of cyber-attacks targeting medical devices is undeniable, especially those capable of wireless, wired, or USB connectivity, rendering them more susceptible to cybersecurity threats compared to unconnected devices. While documented attacks on medical devices like pacemakers, defibrillators, and infusion pumps remain scarce, security researchers caution the healthcare industry about its lag in safeguarding devices against hackers, prompting FDA warnings and recalls due to cybersecurity vulnerabilities.

In response to a 2018 warning, Medtronic disabled internet updates for over 34,000 CareLink programming devices globally after researchers identified cyber-attack vulnerabilities, prompting FDA approval of this action to address patient concerns. Understanding the potential alarm among patients with devices linked to the CareLink network, FDA issued a safety notice endorsing Medtronic’s decision to disable internet updates.