More than 8,000 computer security breaches have been reported around seven pacemakers. A specialized company points out the obsolescence of the software used.
Better have your heart set on reading the latest company report WhiteScope. Specializing in computer security, she has just analyzed the quality of pacemaker protection. The results are cold in the back. Of the seven products reviewed, 8,600 security vulnerabilities were identified.
The makers of pacemakers appear not to have redoubled their efforts to keep their devices safe from cybercriminals. Not all devices encrypt part of the data. A basic analysis is therefore possible. But pacemakers and associated software also open up many possibilities for more malicious minds.
Software from the 1980s
Programmers and doctors do not need to authenticate to change the settings of the defibrillator, which communicates wirelessly. Anyone who is sufficiently trained can therefore reprogram a pacemaker … and slow down its frequency. This is the reason why former US Vice President Dick Cheney unplugged his own device when he was in office.
Pacemakers are not the only cause. Paired software and components also suffer from serious flaws. The most impressive blunder is undoubtedly on the side of the updates. In some cases, pacemakers still depend on programs operating under Windows XP … or even operating systems dating from the 1980s!
Lessons from the global attack
The magnitude of the problem is such that WhiteScope refers to “an industry-wide problem associated with software security updates.” Code libraries used by programs can also be obsolete and poorly secured.
These shortcomings can have serious consequences, as the recent WannaCry ransomware attack demonstrated. In the UK, many hospitals have borne the brunt of their obsolescence.
The authors of this report point out that most of these flaws are known. This is not the first alert on the subject. In December 2016, the US Food and Drug Administration (FDA) called on medical device manufacturers to make efforts on safety.
“We are experiencing great technological advances. At the same time, the increased risk of security breaches could affect the performance and operation of the devices, ”then warned the Deputy Director of the Department of Science and Strategic Partnerships, Suzanne Schwartz. In France alone, 60 to 70,000 pacemakers are implanted each year.
.
