Wait…Did you say: Hack my HeartheadingContent

Posted on April 05, 2017

graphic of a heart with a pace makerComputer hacking is supposed to be the work of spies and rebellious outlaws looking to test the boundaries of societies’ establishment. When it comes to hacking, we don’t often think of the security of our own medical devices, especially those implanted right in our heart. Recently, the FDA confirmed that cardiac pacemakers and defibrillators had potential security vulnerabilities that could make them susceptible to those looking to exploit these lifesaving medical devices.

Pacemakers and defibrillators are implanted in people to not only improve quality of life, but also to save lives. Many of these devices are remotely followed by physicians with a simple radio frequency (RF) or cellular enabled device given to the patient. This device will send data back to the physician about the overall health and stability of the cardiac device. The recent warning by the
FDA revealed that there were potential cybersecurity issues that could allow someone with malicious intent to exploit the remote access device and prematurely deplete the battery or even deliver inappropriate shocks to the patient. While there has been no documented hack of a pacemaker or defibrillator, this does raise some interesting issues. It is important to note that some device companies have already responded to this warning by providing security patches that will negate any potential threat.

Much like our own personal computers, phones and tablets, any connected device has a theoretical risk of being hacked. Unfortunately, we live in an age where we need to worry about cyber-attacks. To date, there has been no known hack of a pacemaker or defibrillator. Still while the benefits of remote monitoring far outweigh any potential risk of hacking, patients should be aware of the potential threat and talk to their physician to make sure they are not at risk.