FDA Recalls Nearly Half a Million Pacemakers Over Hacking Fears

Six types of pacemakers, all manufactured by health-tech firm Abbott (formerly of St. Jude Medical) are affected by the recall, which includes the Accent, Anthem, Accent MRI, Accent ST, Assurity, and Allure.All the affected models are radio-frequency enabled cardiac devices—typically fitted to patients with irregular heartbeats and patients recovering from heart failure—and were manufactured before August 28th.

In May, researchers from security firm White Scope also analysed seven pacemaker products from four different vendors and discovered that pacemaker programmers could intercept the device using “commercially available” equipment that cost between $15 to $3,000.

“Many medical devices—including St. Jude Medical’s implantable cardiac pacemakers—contain configurable embedded computer systems that can be vulnerable to cybersecurity intrusions and exploits,” the FDA said in a security advisory.”As medical devices become increasingly interconnected via the Internet, hospital networks, other medical devices, and smartphones, there is an increased risk of exploitation of cybersecurity vulnerabilities, some of which could affect how a medical device operates.”To protect against these critical vulnerabilities, the pacemakers must be given a firmware update. The good news is that those affected by the recall do not require to have their pacemakers removed and replaced.

“As medical devices become increasingly interconnected via the Internet, hospital networks, other medical devices, and smartphones, there is an increased risk of exploitation of cybersecurity vulnerabilities, some of which could affect how a medical device operates.”To protect against these critical vulnerabilities, the pacemakers must be given a firmware update. The good news is that those affected by the recall do not require to have their pacemakers removed and replaced.

Por: Swati Khandelwal – http://thehackernews.com