Skip to main content

More Medical Devices Are Found To Be Vulnerable To Hacking

By September 28, 2017June 22nd, 2022Cybersecurity

Things continue to worsen on the smart medical device front.

Recently, the USDA issued a recall order on six different models of pacemakers, all of which were vulnerable to hacks that would have allowed the hackers to literally kill the patients who relied on them.

This is hardly a new development, and the government has been slow to get involved. The reality is that since the rise of the Internet of Things, security experts have been warning that smart device manufacturers were being grossly irresponsible by not building robust security features into their devices.

Nobody cared, few listened, and the size of the Internet of Things exploded.

Now, we’ve got literally billions of “smart” devices connected to the internet with little or no security, including many medical devices which, if hacked, could cause serious damage, death included.

The most recently discovered unprotected medical device is a syringe infusion pump that’s used by hospitals in acute care settings. Like so many other smart devices, it lacks robust security protocols, and hackers could easily take control of it and use it to deliver a fatal dose of medication to the patient who’s relying on it.

Even worse, it’s not just a matter of lax security. Researchers have found a total of eight critical security failures on the syringe infusion pump alone.

If you or someone you know is using the Medfusion 4000 Wireless Syringe Infusion Pump, made by Smiths Medical, then be aware that it is vulnerable if running versions 1.1, 1.5, or 1.6 of the firmware, and even a moderately skilled hacker could take complete control over it.

This is one of the rare cases where the manufacturer has proved to be somewhat responsive. They’ve indicated that a firmware patch is coming, although it won’t be ready for release until early 2018. Even so, Smiths Medical stands apart from the crowd if for no other reason than they actually seem interested in making their devices more secure. Now we just need to get the rest of the smart device manufacturers to follow their example.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.