Scam of the day – September 6, 2017 – Pacemakers recalled due to risk of hacking

By now, we are all familiar with the Internet of Things which presently includes 5 billion devices and is expected to grow to 25 billion devices by the year 2020.  The Internet of Things is the popular name for the technology by which products and devices are connected and controlled over the Internet.  The range of products that are a part of the Internet of Things is tremendous and includes, cars, refrigerators, televisions, fitness bands, webcams, toys and even medical devices.  The Internet of Things offers tremendous opportunities for constructive and efficient use of these products, but as with any technology connected through the Internet, also provides an opportunity for hackers to exploit the technology for their own criminal purposes.

While hacking of medical devices sounds like something out of fiction, in 2007, former Vice President Dick Cheney was so concerned about hackers that he had the Internet connection on his pacemaker disabled.  In September 2015, the FBI issued a warning saying that “Once criminals have breached such devices, they have access to any personal or medical information stored on the devices and can possibly change the coding controlling the dispensing of medicines or health data collection.”

Now the Food and Drug Administration (FDA) has issued a recall of 465,000 pacemakers due to the vulnerability of the devices to being hacked and controlled by criminals.  Fortunately, the recall can be accomplished with a remote adjustment of the devices and will not require surgery.  Six different types of pacemakers all made by Abbott and sold under the name of St. Jude Medical are covered by the recall.  Here is a link to the FDA’s recall with more specific information.

https://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm573669.htm

TIPS

Earlier this year the FDA issued recommendations for security steps to be taken for Internet connected medical devices, however it should be noted that these are not regulations, but only recommendations.  So what can you do to protect yourself in the meantime? The most important thing you can do is find out if any Internet connected medical devices you may have comply with the FDA’s security regulations.  You should also find out what information is stored on your device and how it is accessed.  Also learn about the use of password protection and make sure that your device is not still using a default password.  If your device uses an open wifi connection, you should change it to operate exclusively on a home network with a secured wifi router.  If your device is capable of transmitting data, make sure that the transmissions are encrypted.