Over 1850 Total Lots Up For Auction at Six Locations - MA 04/30, NJ Cleansweep 05/02, TX 05/03, TX 05/06, NJ 05/08, WA 05/09

Spanish Spanish

DHS warns some Medtronic implantable defibrillators vulnerable to hacking

by Thomas Dworetzky, Contributing Reporter | April 03, 2019
Cardiology
Share

“Number one, this would be very hard to exploit to create harm,” Kowal told the paper. “Number two, we know of no evidence that anyone’s ever done this. And three, we are working closely with FDA as this whole cyber issue evolves to make sure we are not only handling this problem but we’re working on future devices to optimize security versus functionality.”

No recall is anticipated, as a software patch should be able to fix the issues.

Ben Ransford, CEO of medical device security firm Virta Labs, said he agreed with the assessments of Medtronic and federal officials that the vulnerabilities in the Medtronic defibrillators were not serious enough to warrant replacement.

“If I had one of these devices, I would not be concerned that this meant an attack is coming, or anything like that,” Ransford told the paper. Though not involved in the recent vulnerability discovery, he noted that variations of this issue with Medtronic defibrillators have been known since 2008.

“It looks like a manufacturer still has some work to do,” he told the paper. He also stressed that, “nothing about this issue is related to access via the internet.”

The FDA advised in its alert over this issue that healthcare providers:

  • Continue to use the CareLink programmers for programming, testing and evaluation of ICD and CRT-D patients. There is no programmable setting that allows a clinician to turn off the Conexus wireless capabilities in the affected devices.
  • Maintain control of CareLink programmers within your facility at all times.
  • Use only home monitors, programmers, and implantable devices obtained directly from the manufacturer.
  • Remind patients to keep their home monitors plugged in.

Vulnerability to hacking is an ongoing and growing problem all through the healthcare space.

In mid-2018, DHS issued vulnerability advisories for the Philips Brilliance CT system, and the Silex Technology SX-500/SD-320AN and GE Healthcare MobileLink.

And in April 2018, DHS issued cyber warnings about Philips iSite and IntelliSpace PACS medical imaging archiving communications systems and the Alice 6 polysomnography system.

The Medtronic devices impacted, according to the company's alert include:

Implantable Devices

Amplia MRITM CRT-D, all models
Claria MRITM CRT-D, all models
Compia MRITM CRT-D, all models
ConcertoTM CRT-D, all models
ConcertoTM II CRT-D, all models
ConsultaTM CRT-D, all models
Evera MRITM ICD, all models

Sign up for Cardiology stories Sign up for Weekly Top stories

You Must Be Logged In To Post A Comment

Sign up for Weekly Top stories

Sign up for Cardiology stories

 

advertisement

Cardiology Homepage

J&J nabs Shockwave Medical for $13 billion: Four takeaways
Le Bonheur Children's Hospital finishing up final weeks of $95 million critical care expansion
Five Minutes in Healthcare - Devon Bream
How GE HealthCare puts IT security in the Cath and EP Labs top of mind
Coronary CT should be 'gold standard' for assessing chest pain: study
How artificial intelligence is improving cardiovascular imaging
Emory settles medical malpractice case over death of heart transplant patient
Apple removes blood oxygen feature from watches after federal circuit court upholds ITC ban
Beyond referrals: The rise of in-house cardiac imaging in modern cardiology
AI-based radiology arrives for first time in Ireland at Dublin hospital