FDA issues Warning about Hackable Medical devices and developed Software Patch that reduces the risk

Food and Drug control administration (FDA) has issued a warning that certain medical devices like pacemakers and cardiac devices are vulnerable to hacking. Although security researchers, expressed their concerns from the long back this is the first time that government publicly acknowledged the threat. The devices concerned are Merlin@home Transmitter made by St Jude Medical.

FDA issues warning about Hackable medical devices and developed software patch that reduces the risk


There are a wide range of St. Jude Medical implantable cardiac devices like pacemakers, defibrillators, and resynchronization devices. These devices are implanted under the skin in the upper chest area and connected to the heart with help of insulated wires (Leads). The devices are implanted in patients with slow heartbeat or in those where the heart beats too fast. The St. Jude Medical Merlin@home Transmitter uses a home monitor that transmits and receives RF signals used to wirelessly connect to the patient's implanted cardiac device. The merlin reads the data stored on the pacemaker and uploads it in its own cloud in Merlin.net Patient Care Network.



From this data, doctors analyze the data and monitors patients health. According to FDA, the monitors could be hacked so that in place of normal commands other commands can be sent to the patient's pacemaker. By gaining access, a hacker can do many possible things ranging from exhausting the battery of pacemaker, giving inappropriate shocks, to stopping the patient's heart from beating.

Also Read: MIT's Porous 3D form of Graphene is Ten times Stronger than Steel


However so far, no reports of patients harm with regard to cyber attacks. To fix the vulnerability, FDA has developed a software patch Merlin@home Transmitter that prevents any such attacks arising from the cyber security vulnerabilities. The patch will be available starting January 9, 2017, and can be directly applied to Merlin@home Transmitter.



The FDA has reviewed the performance of St. Jude Medical's software patch to ensure that it answers major risks posed by cyber security vulnerabilities. The FDA also conducted an assessment of benefits and risks of Merlin@home Transmitter and concluded it benefits patients more than the harm posed by cyber security risks.

No comments:

Powered by Blogger.