Pacemakers under cyber attack

The level of hacking has reached a higher level. Instead of servers and computer systems, hackers are now targeting human hearts. Almost half a million citizens in the United States are recommended to get their pacemakers updated.

A pacemaker is a small battery operated device that is placed in the chest or abdomen to help control abnormal heart rhythms. This device uses low-energy pulses to prompt the heart beat at a normal rate.

After detecting security flaws of the pacemakers, The US Food and Drug Administration (FDA) recently recalled almost 465,000 pacemakers made by the company Abbott’s (formerly St. Jude Medical). The flaws let a hacker remotely operate the pacemaker and reprogram the device to modify the patient’s heartbeat or drain the battery life which can be potential life threat to the patient.

“As medical devices become increasingly interconnected via the internet, hospital networks, other medical devices, and smartphones, there is an increased risk of exploitation of cybersecurity vulnerabilities, some of which could affect how a medical device operates.” The FDA said in an advisory.

To keep it safe against these fatal vulnerabilities, the pacemaker’s firmware needs to be updated. As per FDA, the recall of Abbott’s pacemaker would not need any surgery. The pacemaker’s firmware could be updated by the doctor.

The vulnerability of the device is that anybody with “commercially-available equipment” could send commands to the device to malfunction. Once the device is “patched” only authorized hardware and software tools will be allowed to send commands. According to Abbott’s, none of the 465,000 devices have been compromised yet.