In-brief: One in four Americans was the victim of data theft, but policy makers can’t find the spirit to act. What if I said that there was a disease that affected one in four adults in the U.S.? This disease caused pain and hardship and the costs of curing it were considerable – ranging to thousands of dollars per patient? And, again: one in four people contacted this disease – 25% of the adult population?Most epidemiologists would consider a disease that widely spread to be an “epidemic.” After all, the CDC considers an influenza outbreak to be an “epidemic” when around 7% of morbidity (deaths) in a given observation period are due to the flu. Here in the U.S., however, there’s a long-standing affliction bearing down on a quarter of the population, but nary a mention of the words “epidemic.” In fact, officials who monitor this disease are loath to […]
In-brief: A website run by the National Health ISAC will serve as a clearing house for information on security vulnerabilities in medical devices, the first of its kind in the US.
In-brief: St. Jude Medical said on Monday that it patched a serious hole in a product used to program implantable medical devices like defibrillators. But researchers and a Wall Street investment firm say the company still has more holes to close.
In-brief: The FDA’s final guidance on cybersecurity for postmarket medical devicesmarks a departure from earlier drafts, focusing generically on cybersecurity risk management and jettisoning an early focus on the threat posed by “connected devices” that some considered too narrow.
Researchers from universities in Belgium and the UK have published research showing that a wide range of implantable medical devices, including implantable defibrillators are still vulnerable to wireless snooping and denial of service attacks. The research, which mimicked the work of a naive (or “weak”) adversary, found that few security protections have been added to such devices, years after researchers first demonstrated that they are vulnerable to wireless attacks and other manipulation. The discoveries apply to at least 10 types of implantable cardiac defibrillators (ICDs) that are currently on the market, though the devices and manufacturers are not named. The researchers, from Katholieke Universiteit te Leuven in Belgium (KU Leuven) and the University of Birmingham in the United Kingdom echoes the claims made by the firm MedSec earlier this year, which warned of security holes in ICD devices made by St. Jude in August. That research was the foundation of a call […]