In 2015, the FDA issued warnings about a pair of infusion pumps – “smart” medical devices that had demonstrated security flaws
It was the first time in history that security researchers demonstrated that a hacker could take control of these life-saving devices remotely and use them to kill the patients they were protecting.
Since that time, we’ve witnessed a breathtaking increase in the size of the IoT (Internet of Things). It is poised to surpass the combined size of internet-connected PCs and smartphones later this year, and there’s no end in sight to its phenomenal growth.
The problem is that PCs and smartphones are several orders of magnitude more secure than virtually every internet object in use today. Most of them lack even the most basic of security protocols, and what’s worse is that the companies that manufacture them have shown almost a complete lack of interest in changing that.
It’s a problem in general because hackers are enslaving them almost as fast as they come online, and they’re assembling botnets of unprecedented size. The botnets are being used to launch Denial of Service attacks capable of knocking companies offline, or, as was painfully demonstrated late last year, taking down much of the US’s internet.
The problem is even worse where medical devices are concerned, because once control is gained, the hacker controlling the device can quite literally kill the patient it’s hooked up to.
Another warning was issued in 2016, this time about a pair of smart cardiac devices made by St. Jude Medical
The company initially denied that the hack was possible, but later reversed its opinion. There’s some ongoing infighting about the way the hack information was released, but this latest warning has spurred the FDA to begin the process of drafting new rules establishing minimum acceptable security standards for smart medical devices.
The hope is that these standards will permeate the industry, and that more equipment manufacturers will begin taking steps to bolster security of these devices we are increasingly relying on.
For more tips on thriving with small business technology, check out the other blog posts at DWP Blogs. Thanks for reading this post. I am also available at dwpia on LinkedIn, at dwpia on Facebook,and @dwpia on Twitter.
Denis S Wilson
I am President and Principal Consultant for DWP Information Architects: specializing in IT services and support for successful, fast-growth companies in Los Angeles. And have created cost-effective information technology solutions for small business for over 20 years, specializing in cybersecurity. I am also a published author and speaker, working extensively with the SBA and its partners, and business and professional associations, providing business technology education programs.
Get the free report
"10 Hidden IT Risks That Might Threaten Your Business (Plus 1 Fast Way to Find Them)"
