A study by researchers at Harvard Medical School, University of Massachusetts, and University of Washington, has shown the possibility of hackers interfering with implanted defibrillators, including downloading sensitive information and reprogramming the device to the detriment of the patient.
From the Wall Street Journal:
The study, to be presented at a California computer-security conference in May, suggests manufacturers should consider how to stop unauthorized people from tampering with implanted medical devices that receive instructions via radio waves, a growing category that also includes spinal-cord simulators and drug-delivery pumps.
“This report demonstrates that you can obtain private information without authorization. You can reprogram the device without authorization,” said William Maisel, a Harvard Medical School cardiologist and a co-author. But he cautioned that “our report is a theoretical risk, not an actual risk” and said there was no reason for anybody to consider removing a defibrillator.
There are no known cases of malicious tampering with somebody else’s defibrillator, Dr. Maisel said. The authors withheld certain details of their experiment to prevent malicious people from repeating the procedure.
More from the WSJ…
Flashbacks: ‘Hackers may target pacemaker technology’ ; When Hackers Attack Hospital; ‘Medical records are wide open to computer hackers’