Security experts claim that medical implants may be at the mercy of hackers as they were proven to be vulnerable to cyber attacks.
With an ever increasing number of smart and digitalized common household appliances and important technological advances in all areas, including medicine, security experts are afraid that the next wave of cyber attacks will target these same devices.
Shortly after the massive distributed denial of service (DDoS) webcam attack, the cyber security company MedSec released a study that claimed that medical implants are vulnerable in the face of such attacks.
The company maintains that such medical devices, the likes of the cardiac implants produced by St. Jude, are unprepared for such attacks as their wireless communication system lacks the proper security that would defend them against any such attempts.
The MedSec study was commissioned by the Muddy Waters company, that targets investment research, and has ignited a dispute between the latter company and St. Jude Medical who is the largest producer of cardiac implants.
MedSec reported to having tested three of the company’s devices, the implants, its pre-program configuration, and the physician programmer used by doctors in order to set them up.
The home monitoring devices used by the patients were also tested, and the one thing connecting them all, the underlying radio frequency, seemed to have demonstrated a weakened security system.
According to the security company, a wishing attacker could connect to one of the devices, which in turn would offer them access to all the interconnected devices, including the medical implant.
The medical implants, especially the cardiac implants were specifically designed so as to feature the possibility of remote access.
This function would enable the cardiologists to monitor their patients’ state and, if need be, remotely access said implants via Wi-Fi. Thus, they could make any needed adjustment without having to call on the patient and once again connect or operate on them.
Although the connection’s purpose was established so as to accommodate both patient and doctor, the devices seem to be lacking in security measures.
As the security company maintains its claim that the remote access can be emulated and used by more than just the concerned physicians, St. Jude Medical has also kept its grounds and claimed that its products are both useful and safe.
As of September, St. Jude has decided to sue the Muddy Waters company as they view their tests as a means of scaring people away from the much-needed implants.
It will remain to see if the lawsuit and the tests will influence the security measures applied in the case of cardiac and medical implants as the fears of a massive cyber attack executed through more common and less protected digital devices is, unfortunately, increasingly more likely to happen.
Image Source: Wikimedia