According to a recent report from Reuters, the U.S. Department of Homeland Security is currently investigating nearly two dozen cases of suspected cybersecurity vulnerabilities in medical devices and hospital equipment that officials fear could be exploited by hackers.
The vulnerable products include implantable heart implants and drug infusion pumps, thus leaving members of the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) concerned these flaws could be used to induce heart attacks and drug overdoses, among other things.
Without naming companies, the ISC-CERT team announced last year that a vast assortment of these medical devices contain backdoors making them quite susceptible to potential life-threatening hacks. These hard-coded password flaws affected roughly 300 medical devices — ranging from ventilators and patient monitors to surgical and anesthesia devices — across approximately 40 vendors.
“The senior DHS official said the agency is working with manufacturers to identify and repair software coding bugs and other vulnerabilities that hackers can potentially use to expose confidential data or attack hospital equipment,” Reuters stated.
While there are still no known deaths as a result of such malicious behavior, officials claim that it certainly isn’t “out of the realm of possibilities,” comparing similar incidents to those seen on TV like the show Homeland. In this Showtime Network spy drama, a fictional U.S. vice president is killed via cyber attack on his pacemaker. Coincidentally enough, former Vice President Dick Cheney has revealed that he once feared a similar attack and to prevent such thing from happening, disabled the wireless connectivity of his pacemaker.
Reuters points out that security officers are increasing their vigilance around cyber threats and that medical facilities throughout the country have beefed up their networks to protect from intruders. Furthermore, the report notes that security vulnerabilities in medical devices are exposed so manufacturers can fix them, and that there was no need for patients to panic. Nevertheless, as one can imagine, this still leaves many uneasy.
As scenarios such as these continue to emerge, it is becoming increasingly clear that embedded system insecurity affects everyone and every company, not just those in the healthcare world. Products can be cloned, software copied, systems tampered with and spied on, and many other things that can lead to revenue loss, increased liability, and diminished brand equity… or in this case, injury or death. Worry no more! Thanks to ultra-secure defense mechanisms and security at its core, Atmel devices can protect firmware, software, and hardware products from future threats. Register for a chance to receive a free CryptoAuthentication tool kit here!