Live COVID-19 Cases
  • World 595,504,807
    World
    Confirmed: 595,504,807
    Active: 20,038,620
    Recovered: 569,010,838
    Death: 6,455,349
  • USA 94,695,875
    USA
    Confirmed: 94,695,875
    Active: 3,714,130
    Recovered: 89,919,392
    Death: 1,062,353
  • India 44,275,687
    India
    Confirmed: 44,275,687
    Active: 124,814
    Recovered: 43,623,804
    Death: 527,069
  • France 34,234,005
    France
    Confirmed: 34,234,005
    Active: 602,921
    Recovered: 33,477,955
    Death: 153,129
  • Brazil 34,178,240
    Brazil
    Confirmed: 34,178,240
    Active: 550,730
    Recovered: 32,945,953
    Death: 681,557
  • Germany 31,535,343
    Germany
    Confirmed: 31,535,343
    Active: 1,171,945
    Recovered: 30,217,700
    Death: 145,698
  • UK 23,420,826
    UK
    Confirmed: 23,420,826
    Active: 211,052
    Recovered: 23,023,687
    Death: 186,087
  • Italy 21,509,424
    Italy
    Confirmed: 21,509,424
    Active: 867,064
    Recovered: 20,468,258
    Death: 174,102
  • Russia 18,907,231
    Russia
    Confirmed: 18,907,231
    Active: 372,566
    Recovered: 18,151,487
    Death: 383,178
  • Spain 13,294,139
    Spain
    Confirmed: 13,294,139
    Active: 276,103
    Recovered: 12,906,369
    Death: 111,667
  • China 235,670
    China
    Confirmed: 235,670
    Active: 5,873
    Recovered: 224,571
    Death: 5,226
Generic selectors
Exact matches only
Search in title
Search in content
Generic selectors
Exact matches only
Search in title
Search in content
homeless man on street waiting for vaccine

BY Akshat Biyani

Cybersecurity

Cyber Attacks Target Pacemakers

Medtronic teams up with IoT cybersecurity startup Sternum to resolve its cardiac pacemaker vulnerability

APRIL 28  2021

Follow

We witnessed the first pacemaker intrusion over 13 years ago. Since then, hackers have come up with numerous ways to attack safety and security flaws within cardiac pacemakers. These include manipulation of radio commands and hacking of the software installed in the pacemaker.

Researchers have been studying the vulnerability of the device for years. They have also demonstrated the mechanism of hacking into embedded medical implants by modifying the system through remote access. Although it seems unusual for a device we rely on to be such a threat, pacemakers can create a channel for hackers to gain a two-way communication protocol.

Cardiac implantable electronic devices (CIED) communicate with medical equipment whose telemetry capabilities and IP connectivity are creating new entry points that may be used by attackers. As such, considering that many security and government officials are relying on pacemakers, it can also prove to be a very potent national security threat.

CIEDs are susceptible to radio frequency (RF) attacks. Hackers mainly use long-range RF interfaces to enter into the implants. Researchers have discovered that these hackers can even alter the fundamental functions of a pacemaker, thus putting the patient’s life in jeopardy.

In a newly-published paper, “On the (in)security of the Latest Generation Implantable Cardiac Defibrillators and How to Secure Them,” researchers from KU Leuven University, Belgium, University of Birmingham and University Hospital Gasthuisberg addressed the issue with the statement:

‘Adversaries may eavesdrop the wireless channel to learn sensitive patient information, or even worse, send malicious messages to the implantable medical devices. The consequences of these attacks can be fatal for patients as these messages can contain commands to deliver a shock or to disable a therapy’

 

About Medtonic’s partnership with Sternum

Medical equipment manufacturer, Medtronics has been a consistent target for hackers who have cyber-attacked their pacemakers through their internet-based software updating systems. The company is looking to resolve the issue with the help of a new partnership with Israeli IoT cybersecurity startup, Sternum.

Medtronic has been frequently accused of providing unsafe cardiac implants in the past. With its association with Sternum, it has finally been able to integrate the knowledge of embedded systems to provide safe implants to patients. Sternum has already secured more than 100,000 Medtronics devices since their partnership.

This partnership was initiated after the federal Cybersecurity and Infrastructure Security Agency handed out a warning to Medtronic regarding its MyCareLink patient monitoring system. The MyCareLink patient monitoring system was Medtronic’s remote system used to monitor and update the pacemakers manufactured by Medtronic. In an interview with TechCrunch, Sternum’s founder and CEO, Natali Tshuva said:

‘There’s this endless race against vulnerability, so when a company discovers a vulnerability, they need to issue an update, but updating can be very difficult in the medical space, and until the update happens, the devices are vulnerable. Therefore, we created an autonomous security that operates from within the device that can protect it without the need to update and patch vulnerabilities.’

Sternum’s platform does not rewrite system coding. Instead, it edits the coding to enhance the security element of it. The platform is built on a cloud-based monitoring and analytics system that performs digital transcription to detect cyber-attacks in real-time. The cloud security system automatically updates security protocols which prevent any harm to pacemakers and in turn, patients.

 

The future of Medtronic

The constant backlash Medtronic received since 2018 saw a potential downfall of the company. From 2018 to 2019, Medtronic revealed several security breaches in its remote system. Despite the safety issues, both Medtronic and FDA agreed on the usage of the devices except the CareLink devices. The issue was later resolved in January 2020.

Fast forward to April 2021, Medtronic has successfully secured all hackable devices with the help of Sternum’s IoT cybersecurity technology. In a recent statement, Medtronic stated:

‘To date, no cyberattack, privacy breach or patient harm has been observed or associated with these vulnerabilities.’

Important medical devices like pacemakers serve an extremely crucial role in the current medical landscape. These devices have been helping numerous people find the required medical assistance to combat life threatening medical conditions. Cyber attacks threaten to affect the patients’ trust in these medical devices, which in turn affects their mental and physical health adversely. Finding a concrete solution to this problem is the only way companies like Medtronic can regain their consumers’ trust and establish themselves as a formidable brand in the market.

About the Author: Akshat Biyani

Akshat Biyani is a contributing Features Writer, with extensive expertise in Business, Finance and Technology.

Recommended for you

BAME Nurses Speak Out on Pandemic Racism

A new report and documentary expose the realities of racism experienced by BAME nurses with the hopes of building a more compassionate NHS.

Trending