The Security Ledger site advises that security flaws need more attention from medical device makers than they’ve often been getting.
“The security of medical devices figured prominently at last week’s Black Hat, B-Sides and DEF CON hacking conferences in Las Vegas (August 2018). In one of the more news-worthy demonstrations, researchers Billy Rios and Jonathan Butts demonstrated how to remotely exploit an implantable pacemaker made by the firm Medtronic, showing how malicious software could be used to take control of the device – even executing shocks to a patient.
“This wasn’t the first demonstration of its type. Rios and Butts have been publicly butting heads with Medtronic for months over the security flaws he found.”
“The question” says the Security Ledger writer, “is this: why is it that sophisticated, multi national firms that make medical devices have such a hard time addressing cyber risk in their products? How is it that a manufacturer can possess the design savvy to make an electronic device that lives within the human body, yet fail utterly to understand and account for the possibility of even trivial electronic manipulation and attacks?”
A truly good question.