Skip to main content

Heart Pacemaker Devices Found To Have Major Technology Security Risks

By June 13, 2017May 24th, 2021Cybersecurity

Security professionals have been talking for months about the dangers of smart devices, most of which are almost comically (and tragically) lacking in even the most basic security protocols. More recently, the global Wannacry Ransomware attack demonstrated that smart medical devices were vulnerable to attack, with several of them being temporarily shut down by the malware. But exactly how bad is the problem?

Here’s an interesting comparison:

This past week, Google’s Project Zero found a total of eight critical security flaws in Microsoft’s Malware Protection Engine. Microsoft considered this to be such a serious issue that they took the unusual step of issuing a patch outside their normal schedule to address them.

Now, compare that with the number of security flaws found in a line of smart pacemakers by security researchers from WhiteScope, which identified more than 8,600 security flaws, mostly coming from third party libraries.

It should be noted that not all of these flaws are considered critical, and the number spans seven different manufacturers. However, the sheer number underscores the difference in scope and scale, and the point is further driven home by looking at the way smart device manufacturers are responding to the report.

We’ve known since at least 2013 that the vast majority of smart devices being marketed and sold today are highly insecure, and yet, almost none of the equipment manufacturers have done anything about it. This latest report generated a response that was more of the same – almost complete disinterest.

That’s dangerous, because it sets the conditions for what amounts to a perfect storm.
Right now, there are people living all over the world who rely on smart medical devices to keep them alive. The day’s coming when a hacking attack will kill someone.

Granted, even if smart device manufacturers started taking security more seriously, that would still almost certainly happen at some point. Taking no meaningful action at all only hastens the arrival of that day.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.