The first time I came across an article on hacking into digital medical devices, I dismissed it pretty quickly. After all, what could be the possible motivation for hacking an insulin pump or a pacemaker? But then I came across another one. And then another one. Maybe this topic does deserve some attention?
Some people definitely think so. The Medical Product Manufacturing News (MPMN) held two interviews with experts in the field to discuss the topic and their views were troubling, to say the least. In the first interview, Kurt Stammberger, an information systems security professional, explained that while the traditional datacom companies have had years to perfect security systems, this area would be very new for companies such as Medtronic or Abbott in fact, these companies would likely not have computer security experts on staff because there would have been no need for them in the past. In the second interview, Kevin Fu, a software expert, explains how medical device manufacturers tend to think that they're immune to issues on the Internet such as malware or computer viruses. He argues, however, that this thinking is outdated.
While it still seems difficult to imagine that someone would be motivated to hack a medical device, the fact that alterations to these devices could cause serious complications or even death is troublesome. Additionally, hacking in the health care industry in general is being increasingly brought to the forefront as patient data becomes more and more digitalized. For example, this article stated that 96% of health care organization respondents in a survey reported that patient or related information had been compromised in the last two years.
As our world becomes increasingly digital, we'll all have to pay the price for convenience and the health care and medical device world will not be exempt.