Pacemakers are vital pieces of medical equipment that patients rely on to stay alive — but they’re also sophisticated electronic devices that, these days, rely on software and internet connections to do their jobs properly.
As such, they can be hacked. This is a medical danger that wasn’t exactly anticipated when the pacemakers were designed — but perhaps one that should have been predictable given today’s “internet of things” and the ability of criminals to worm their way into just about any device with a computer chip in it.
The newest study on today’s pacemakers — as well as other sophisticated medical devices that have internet connectivity — has taken the step of warning patients and doctors. While it hasn’t happened yet, there are reasonable fears that a hacker could target medical devices in the future for his or her own purposes.
In fact, the risk has been there for over 10 years. Hackers could potentially interfere with a pacemaker’s wireless communications used in remote monitoring for patients, making it unable to properly detect or handle a crisis. The effect on other medical devices that use wireless monitoring could be similar.
Despite the long-standing risk, the Food and Drug Administration (FDA) has just recently issued guidelines to the designers and manufacturers of medical equipment with remote-access capabilities. The guidelines are not even binding — but they do recommend that companies take a multi-faceted approach to the challenge of making sure that patients are safe.
Among the recommendations, makers of medical devices with internet connectivity should monitor the health care networks being used for vulnerabilities. Risks of a hacking attack that shuts down the health care provider’s system, rather than targeting individuals, are a particular concern. A hacker could potentially hold a health care facility for ransom, for example, by shutting off pacemaker monitoring capabilities — which would threaten the lives of all the facility’s patients with pacemakers.
Developers are expected to address new cyber threats as they arise — rather than taking a reactionary approach. In addition, patients should be warned of the potential risks.
Experts say that the benefits of internet-enhanced medical devices still outweigh any risks — but it’s a potentially complicated medical, ethical and legal issue for manufacturers. If manufacturers fail to address potential threats, they could face significant lawsuits in the future for making and marketing medical devices that are unsafe for consumers.
Source: Fox News, “Heart alert: Pacemakers can be hacked, new research shows,” Melanie Dadourian, Feb. 21, 2018