Can Cybercriminals Hack Pacemakers?

Healthcare and technology have done some pretty incredible things for humanity. In fact, the two go hand in hand to ensure that we live longer, healthier and happier lives. But that's not to say it's foolproof. As one medical manufacture discovered, there is a major security flaw in their remotely controlled pacemaker that could have put the lives of its patients in jeopardy.

Regrettably, cybersecurity in healthcare is lagging far behind other industries. Isn't it time to catch up? Protect your organization, your employees and your patients by investing in cyber defense insurance from CyberPolicy.

Just a Heartbeat Away
In January 2017, the U.S. Department of Homeland Security issued a warning about one manufacturer's implantable heart devices, which are used to electronically pace heartbeats or shock the heart into a normal and healthy rhythm if it goes awry.

The remote-controlled pacemakers and internal defibrillators, produced by St. Jude Medical, allow physicians to review information sent from the device for a better understanding of how it benefits the patient. But this remote link-up could also be accessed by malicious and cruel hackers.

The defect was revealed by MedSec Holding, a cybersecurity research company focused on the healthcare industry. For obvious reasons, this security flaw wasn't publicly revealed until it had been remedied by the manufacturer.

So, what could a cybercriminal do with an insecure pacemaker? According to researchers, the attack could purposefully run down the device's battery, alter pacing or deliver a dangerous shock to the patient's heart.

Thankfully, this security flaw was remedied before it caused any real-world damages. But, it is still an eye-opening oversight that could have cost lives. As more web-connected technologies make their way into our healthcare system, the more we need to do to make sure they are digitally secure.

For the time being, IoT is notoriously ineffective at thwarting hacker attacks. And the healthcare industry as a whole is a hot target for cybercrime due to the financial value of patient records and lack of cybersecurity oversight. Not exactly the diagnosis that you'd want to hear regarding medical technology. So how can we improve this?

One way healthcare providers can sure up their cybersecurity is to work with an external agency or firm that can monitor devices for suspicious activity and mitigate problems in real time. Some agencies even offer AI or machine learning applications to assist in the speed and efficacy of such a program.

Another option is to only use devices equipped with necessary security protocols such as encrypted data transfer. Sadly, much of these standards need to be implemented by the industry as a whole, which, as you can imagine, may take some time.

In the meantime, you still need to treat your patients. Consider discussing with them the security risks and benefits of using internet-connected medical devices the same way you would advise them when starting a new medication. Are the potential side effects worth the benefits of using such technologies?

Finally, take advantage of cyber defense insurance from CyberPolicy. While it is impossible to stymie all hacker attacks, there is still plenty you can do to defend your organization and patients from digital incursion. Click the link to find out more!

© 2016-2020 CyberPolicy, Inc. All rights reserved. CyberPolicy®, "Plan. Prevent. Insure."™, and "CyberCheckup"™ are trademarks of CyberPolicy, Inc.
DBA: CyberPolicy Insurance Solutions CA License No. 0L13180
DBA: CoverHound Insurance Solutions CA License No. 0H52375