Security researchers say they can hack Medtronic pacemakers

Aug. 20, 2018

Security researchers say they’ve found flaws in the Medtronic pacemaker that leaves the life-saving device vulnerable to hackers and puts patients at risk.

Billy Rios and Jonathan Butts say they’ve found vulnerabilities that compromise the pacemaker’s programmer, which can control the electrical impulses that are sent to the heart to regulate a patient’s heartbeat. There are about 33,000 of these programmers in use—called the CareLink 2090.

Rios and Butts demonstrated the security weaknesses earlier this month at the annual Black Hat cyber security conference in Las Vegas, one of the industry’s most prestigious annual meetings.

Rios, who founded a startup focused on embedded device security called WhiteScope, says he presented his research publicly because he is frustrated by what he calls Medtronic’s slow response to addressing and fixing these flaws.

“They are more interested in protecting their brand than their patients,” Rios told CNBC, noting that the technical fix for these vulnerabilities is relatively easy.

For its part, the medical device company says the likelihood of a successful cyber attack is low, and that the company is not aware of any security breaches involving patients with its medical devices.

“All medical devices carry some associated risk, and, like the regulators, we continuously strive to balance the risks against the benefits our devices provide,” Medtronic said in a statement.

CNBC has the full article

Sponsored Recommendations

Enhancing Remote Radiology: How Zero Trust Access Revolutionizes Healthcare Connectivity

This content details how a cloud-enabled zero trust architecture ensures high performance, compliance, and scalability, overcoming the limitations of traditional VPN solutions...

Spotlight on Artificial Intelligence

Unlock the potential of AI in our latest series. Discover how AI is revolutionizing clinical decision support, improving workflow efficiency, and transforming medical documentation...

Beyond the VPN: Zero Trust Access for a Healthcare Hybrid Work Environment

This whitepaper explores how a cloud-enabled zero trust architecture ensures secure, least privileged access to applications, meeting regulatory requirements and enhancing user...

Enhancing Remote Radiology: How Zero Trust Access Revolutionizes Healthcare Connectivity

This content details how a cloud-enabled zero trust architecture ensures high performance, compliance, and scalability, overcoming the limitations of traditional VPN solutions...