Fans of the TV series Homeland may have wondered at the end of last season whether it is truly possible to hack into a pacemaker and cause someone’s death. That’s what the show’s terrorist organization did to the vice president. The answer is, scarily, yes.
For years, experts have warned about the vulnerability of medical devices to outside sabotage. The United States Department of Homeland Security (DHS) has even issued a warning that medical devices can be compromised by hackers. While it may seem far-fetched for a terrorist halfway around the world to tap into an individual’s pacemaker and cause a heart attack, it is perfectly plausible. And malicious attacks are not the only concern regarding this form of technology.
Many medical devices are controlled by software, just as your iPad, laptop, and smartphone are. As a result, security can be breached on a medical device just as it can be on other technology. Many people remember the time their iPhone software update temporarily turned their phones into dark-screened paperweights. Unfortunately, the same result is possible with wireless medical devices. Many are networked and can be monitored or controlled remotely, sometimes without adequate security engineering and protections.
In 2006, more than half of all medical devices marketed in the United States contained embedded software. And between 2002 and 2010, there were more than 537 recalls because of software malfunctions. Slight errors in computer code can result in significant patient risks. For example, a device that delivers a drug might give a patient 1,000 milliliters instead of the prescribed 10. And it is not possible to completely test systems in advance to ensure proper functioning.