Researchers from universities in Belgium and the UK have published research showing that a wide range of implantable medical devices, including implantable defibrillators are still vulnerable to wireless snooping and denial of service attacks. The research, which mimicked the work of a naive (or “weak”) adversary, found that few security protections have been added to such devices, years after researchers first demonstrated that they are vulnerable to wireless attacks and other manipulation. The discoveries apply to at least 10 types of implantable cardiac defibrillators (ICDs) that are currently on the market, though the devices and manufacturers are not named. The researchers, from Katholieke Universiteit te Leuven in Belgium (KU Leuven) and the University of Birmingham in the United Kingdom echoes the claims made by the firm MedSec earlier this year, which warned of security holes in ICD devices made by St. Jude in August. That research was the foundation of a call […]
Tag: medical devices
In-brief: is regulation the right approach to securing The Internet of Things or can industry clean up its own act? IEEE Spectrum takes a look.
In-brief: After a year in limbo, the Librarian of Congress moved last week to allow a number of exceptions to the U.S. Digital Millennium Copyright Act (DMCA) that will clear the way for researchers to explore smart vehicles and other products.
In-brief: GE Healthcare’s Chief Technology Officer said his company is modeling its product security program on Microsoft’s Trustworthy Computing program – and tapping the Redmond company for experts to help them do it.
In brief: A flaw in a wearable insulin pump sold by Johnson & Johnson has the potential to allow a malicious actor to force the device to administer doses of insulin to a patient without their knowledge.