Warning from FDA: St. Jude Pacemaker Vulnerable to Hackers
When Vice President Dick Cheney asked his cardiologist to replace his WiFi-connected pacemaker with one without internet capability in 2007, assassination through medical device hacking seemed far-fetched. But this week, the U.S. Food and Drug Administration announced that almost half a million pacemakers made by Abbott are vulnerable to hackers.
The FDA announced on Wednesday that patients with the Abbott (formerly St. Jude Medical) radio frequency-enabled implantable pacemaker should update the software to patch a security vulnerability in the device’s older software. The FDA says it did not receive any reports of pacemakers being compromised, but the agency says a targeted attack is possible. The FDA says the recall affects 465,000 Abbott devices.
The FDA says patients do not need to get a new pacemaker, but patients with the device should go to their doctor to update the device’s firmware (a type of software inside the device). It’s an easy fix that only takes three minutes and does not require surgery, the FDA says. A doctor would need to put the device in backup mode and update the software.
According to the FDA, the Department of Homeland Security told the agency that compromising the security of Abbott devices would require “a highly complex attack.” An attacker would need to be very close to the victim, but the older software would allow an attacker to gain access to the device and send commands through radio frequency (RF) transmissions. The commands could range from turning the device off to increasing the pace frequency.
Read More at the Source: FDA Warns St. Jude Pacemakers Vulnerable to Hackers | Inc.com