Growing Threat Within Hospitals

In a country where millions of patients’ lives depend on various medical devices on a daily basis, the issue of hackers having the ability to tap into such devices and gain control of its functions has become a growing threat. According to the U.S. Department of Homeland Security (DHS), there have been at least two dozen cases of possible cyber security flaws in medical devices ranging from artificial heart implants to hospital infusion pumps. Although there are no known cases of hackers targeting patients through medical devices, DHS remains cautious of potential risks. Medical device manufacturers such as Hospira, Medtronic, and St. Jude Medical are all currently under investigation. The Department of Homeland Security’s unit called the Industrial Control Systems Cyber Emergency Response Team or ICS-CERT aims to help manufacturers eliminate any software bugs and other possible vulnerabilities that could be exploited by hackers. Devices that are currently under investigation include implantable heart devices such as cardiac monitors and pacemakers made by Medtronic and St. Jude Medical, and infusion pumps made by the company Hospira that are used to deliver drugs, pain relievers and nutrients directly into the patient’s bloodstream. DHS warns that if hackers did successfully gain access to such medical devices, they could gain the ability to force multiple infusion pumps to deliver lethal doses of drugs to patients that could lead to an overdose, or deliver a jolt of electricity to the patient’s heart or cause other potentially lethal malfunctions. According to a DHS official, some other devices also under investigation are medical imaging equipment and hospital networking systems located throughout the country. Although there are no confirmed cases of hackers successfully exploiting such cyber vulnerabilities in medical devices, as an increased number of medical devices are now wirelessly connected to other devices as well as the internet, the potential risks of such attacks increase also. Join us here at Taino Consulting Group to help fight such threats and prevent such an attack against your medical database systems.