Bug Uncovered in St. Jude Medical Pacemakers, Defibrillators

...

The Food and Drug Administration has revealed potential vulnerabilities in St. Jude Medical's implantable cardiac devices.

The agency on Monday confirmed flaws in the [email protected] Transmitter, leaving embedded pacemakers and defibrillators open to attack. According to the FDA, an unauthorized user could remotely access a patient's radio frequency-enabled implant, then modify programming commands to quickly deplete the battery or administer inappropriate pacing or shocks.

In an effort to address these risks, St. Jude Medical this week pushed out a software patch that includes additional validation and verification between the device and Web platform. It will be applied automatically when the [email protected] Transmitter is plugged in and connected to the Merlin.net network.

"There has been a great deal of attention on medical device security and it's critical that the entire industry continually enhances and improves security while bringing advanced care to patients," Ann Barron DiCamillo, advisor to St. Jude Medical's Cyber Security Medical Advisory Board, said in a statement.

There are no incidents, to date, of cyber attacks related to St. Jude Medical devices. Moving forward, the FDA will continue to assess the cybersecurity of St. Jude Medical's implantable cardiac devices and the [email protected] Transmitter. The manufacturer, meanwhile, has also partnered with the Department of Homeland Security Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) unit.

"We are continuously reassessing and updating our devices and systems, as appropriate," St. Jude Medical Chief Technology Officer Phil Ebeling said. "The safety and security of patients is always our prime focus."

Categories
GAMES
0 Comment

Leave a Reply

Captcha image


RELATED BY

  • 5300c769af79e

    Congress Eyes Regulations for Stingray Phone Trackers

    Not the fish, but the bulky devices that let law enforcement agencies imitate cell phone towers to intercept communications, sometimes without the need for court permission.If a suspect's phone connects to a stingray, it can capture geolocation data and other information, according to the report.
  • 5300c769af79e

    Enterprise Software News, Analysis, & Advice

    Jessica DavisBy Senior Editor, Enterprise Apps, 4/19/2016ReadPost a Comment IBM is not a startup, and venture capital is still borrowed money.Nathan EddyBy Freelance Writer, 4/19/2016ReadPost a Comment Sculley?
  • 5300c769af79e

    PhishMe Q2 2016 Malware Review

    Download During the second quarter of 2016, ransomware has firmly established itself as a mature business model, showing no outward signs of diminishing.Encryption ransomware now accounts for 50% of all malware configurations, meaning that it is no longer considered simply a means for making a quick profit, but a permanent fixture on the threat landscape.
  • 5300c769af79e

    Samsung may remotely disable remaining Galaxy Note 7 phones

    If you decided to ignore the Galaxy Note 7 recall because your love for the handset is greater than the fear of it exploding, then you may only have a few more days left to use it.15, Samsung will modify the software to prevent the Galaxy Note 7 from charging.