The Food and Drug Administration has issued a warning to consumers about cybersecurity issues in current medical devices that may be vulnerable to cyber hackers that may control them remotely. Third party software in medical devices that are outdated such as IPnet are at risk. IPnet is a software utilized in devices such as pacemakers and insulin pumps, etc.
Several vulnerabilities have been identified and may allow (hackers) “anyone to remotely take control of the medical device and change its function, cause denial of service, or cause information leaks or logical flaws, which may prevent device function.”
The FDA is current cooperating with “various stakeholders and subject matter experts to obtain a better understanding” of the risks and pointing out which medical devices that are vulnerable to cyber hacks. “However, due to the complexities in how the code from the IPnet third party software component was incorporated into various medical devices and the availability of the exact operating system versions impacted, it will be difficult to develop a comprehensive list of affected devices,” FDA spokeswoman Alison Hunt said in a statement.
Previously in June, Medtronic, producer of medical devices recalled certain models of insulin pumps that were vulnerable to hacks on concerns by the FDA. The FDA urges healthcare providers to advise patients that utilize medical devices of the risks. The FDA has inquired device manufacturers to evaluate the cybersecurity flaws and to share the results of the evaluation.