STATES CHRONICLE – Devices which are built to expand humans’ life span, like cardiac implants, are thought to be defenseless in front of hackers. Apparently, specialists from MedSec claim that cardiac implants designed by St. Jude Medical developed vulnerability in front of cyber attacks. The tests have proved that the devices’ wireless communications are unsafe if hacked.
St. Jude Medical is currently in a conflict with the investment company Muddy Waters that has been helping in the manufacturing process of those devices. MedSec was hired by St. Jude Medical to support their opinion regarding the functionality of cardiac implants. Justin Bone, who is the CEO of MedSec, has asserted that their company has managed to test three different devices that were manufactured by St. Jude in collaboration with Muddy Waters.
They have looked at the physician programmer used by medical staff to arrange the implants, at the pre-program meant to configure the devices, but also at the cardiac implants themselves. Bone argues that they have also analyzed the home monitoring devices which are designed to monitor the functionality and well state of the implant while the patient is sleeping.
All these devices are linked through a radio frequency procedure which is supposed to secure this system. Unfortunately, specialists from MedSec have discovered a significant and dangerous breach in the security system of the cardiac implants. This severance could allow a hacker to access any of the devices in a try to develop a plan to copy their system.
Justin Bone has explained that these cardiac implants are programmed to undergo specific processes like issuing a shock, vibrating or fulfilling the turn on and turn off commands. If the program of this device is not safe enough, then it means that any skilled hacker can control the stages of the therapy.
The qualified personnel of MedSec has developed research in which they played the role of the programmer who tried to hack the cardiac implants’ system. They would use the vulnerability of the implicit protocol to hack the devices and remotely control the commands of vibrating, delivering shocks, turning it on and off.
After these tests had been conducted, MedSec officials required a redesigned scheme of the device in which the security system would be improved. Producers need to understand that security is crucial for cardiac implants because patient totally depends on these devices.
Image source: wikipedia