The Insecure Pacemaker: FDA Issues Guidance for Wireless Medical Device Security

The FDA is urging manufacturers to fully assess the risk of building wireless technology into devices before it’s implemented

Implantable or worn devices exist in many environments, like hospitals, homes, clinics, blood banks, laboratories and care homes. Given their pervasive nature, and the fact that they are increasingly connected wirelessly, the FDA is urging manufacturers to first and foremost fully assess the risk of building wireless technology into devices before it’s implemented. The concerns range from patient data theft (information is often contained on the devices themselves) to more horrific worries, like a murderer shutting down vital functions via remote-access control.

Once RF capability has been deemed satisfactory, manufacturers should "consider appropriate security control methods" for their devices, the FDA said. Suggestions for doing so include: 

  • Limiting access to trusted users via authentication approaches such as user ID, password, smartcard and biometrics;
  • Ensuring secure data transfer to and from the medical device, using encryption when appropriate; and
  • Implementing fail-safe device features that protect critical functionality and also deploying features that let organizations recognize, log and act upon security compromises.

“The correct, timely, and secure transmission of medical data and information is important for the safe and effective use of both wired and wireless medical devices and device systems,” the report said. That means including protocols that maintain the security of the communications while avoiding known shortcomings of existing older protocols, and using up-to-date wireless encryption.

Interference is another big concern. The FDA recommends considering any limitations or restrictions for proper operation and RF wireless performance (e.g., alarms, back-up functions, alternative modes of operation) when the RF wireless link is lost or corrupted. In addition, worldwide frequency band allocation and international compatibility are critical to the operation of RF wireless medical devices, and should be considered in their design and development.

The recently deceased security researcher Barnaby Jack brought security concerns around medical devices to the forefront by stopping an insulin pump remotely, live on stage at the Hacker Halted conference in 2011. Jack demonstrated how he could scan radio frequencies and access implanted insulin pumps within a 300-meter range. Jack used his friend, a diabetes sufferer, in the audience to demonstrate how he could then control the insulin dispersed remotely, or shut it down.

Last year, he demonstrated that several vendors’ pacemakers can be remotely controlled and commanded to deliver an 830-volt shock via a laptop, thanks to software programming flaws on the part of medical device companies. The researcher noted that the vulnerabilities open the door to “mass murder.”
