Smiths Medical could have a cybersecurity problem

The US Dept. of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team has released a warning over issues with Smiths Medical’s Medfusion 4000 wireless syringe infusion pump after discovering 8 cybersecurity vulnerabilities in the device. The notice is for versions 1.1, 1.5 and 1.6 Medfusion 4000 wireless syringe infusion pumps, according to the DHS […]

Researchers find 8k cyber vulnerabilities in pacemakers

Researchers from the security research firm WhiteScope identified cyber vulnerabilities in file system encryption and in the storage of unencrypted patient data across major vendors of implantable cardiac devices, according to the team’s report. “The findings reveal consistency across all vendors, highlighting the inherent weaknesses in the ecosystem architecture,” the firm wrote. Get the full story

Cybersecurity: Is medtech ‘lackadaisical’ about it?

The medical device industry needs to shake itself out of its stupor when it comes to cybersecurity, according to James Scott, senior fellow at the Institute for Critical Infrastructure Technology and author of the new paper, How to Crush the Health Sector’s Ransomware Pandemic. Companies in the medtech sector and the overall healthcare space face

MedCrypt and QuiO partner to protect devices from cyberattacks

MedCrypt and QuiO have announced an integration partnership for a set of cloud-connected injection devices known as the Smartinjector devices to provide safe data transfers of patient prescriptions and injections. OuiO will receive software security with this partnership for its Si One, for specialty drugs, and Si Pen, for diabetes patients. MedCrypt’s software will be

5 mistakes found in cloud-connected medical devices

Cloud-connected medical technology will have a significant impact on the healthcare system. Network-connected medical devices create a world of instant information, warns Dana Good, senior software engineer at Stratos Product Development. For example, she said, “an alert from a patient’s insulin pump, heart monitor or fall detector can be quickly relayed to a physician or

Cybersecurity firm warns of malware on medical devices

Malicious malware has been detected on medical devices at major healthcare centers across the world, according to a new report. San Mateo, Calif.–based cybersecurity firm TrapX Security told Bay Area news outlet ABC 7 it has discovered infected medical devices which could create a backdoor security breach. Such a breach could lead to the leaking

FDA: St. Jude Medical devices really do have a cybersecurity problem

FDA issued a safety communication on January 9, 2017, detailing St. Jude Medical products that could be vulnerable to cyber threats. These threats could result in rapid battery depletion or administration of inappropriate pacing or shocks—potentially lethal outcomes. FDA noted that there have been no reports of patient harm related to the cybersecurity risks. The news comes

Medtech cybersecurity: Why you should still be scared

  Medical devices have turned out to be an Achilles’ heel for a healthcare industry still bombarded by cybersecurity breaches, according to TrapX’s “2016 Year-End Healthcare Cyber-Breach Report.” In 2015, healthcare data security breaches became more than a growing concern—they became a new reality. There were 57 attacks, and hackers breached more than 111,812,172 data records. The

Researchers uncover hackable ‘fatal flaws’ in defibrillators

Exploitable cybersecurity flaws that could be fatal were found in 10 different implantable medical devices, according to a new report from a European research team. Researchers at Belgium’s KU Leuven University examined 10 device, specifically implantable cardioverter defibrillators. The team used only commercial, off the shelf items and had no prior knowledge of the devices,

Designing software security into Linux-based medtech

As medtech developers seek to reduce costs and provide improved patient monitoring and care, they are introducing wireless electronics to the market. The pace of development is slipping past “steady” and is now better characterized as “frenetic.” Embedded software is critical for collecting, managing, storing, and transmitting medical health data. But the security of these