Ensuring cybersecurity for computers and mobile phones is a huge, complex business. The ever-widening scope and unbelievable variety of threats makes keeping these devices safe from cyber criminals and malware a full-time challenge for companies, governments and individuals around the world.
But at least the vast majority of those devices are easily accessible, safe in the pockets or sitting on the desktops of the very people who want to protect them. The Internet of Things (IoT) devices that need protection, on the other hand, could be almost anywhere: sitting in a remote desert, buried deep in coal mine, built into a giant truck. Or, even implanted inside the human body.
IoT devices in hard-to-reach locations
This issue was highlighted last week when the FDA issued a letter calling for the voluntary recall of some 465,000 St. Jude Medical pacemakers—currently embedded in heart patients’ chests!—to patch security holes.
The FDA warned that vulnerabilities in the RF-enabled implantable cardiac pacemakers “if exploited, could allow an unauthorized user … to access a patient’s device using commercially available equipment. This access could be used to modify programming commands to the implanted pacemaker, which could result in patient harm from rapid battery depletion or administration of inappropriate pacing.”
No compromised pacemakers yet
In other words, hackers might be able to run down the battery so the device would prematurely stop working, or they could even affect the patients’ heart rate or rhythm.
Fortunately, according to Abbott, which now owns St. Jude Medical, no compromised pacemakers have yet been reported. And in the vast majority of cases, the vulnerable firmware can be updated with a simple, three-minute visit to a healthcare provider.
For full story, Please click here.