Standards Board Warns of Potential Device Hacking, Calls for Increased FDA Authority
Posted 11 April 2012 | By
A board convened by the National Institute of Standards and Technology is warning the US Food and Drug Administration (FDA) about their concern for medical device safety in the wake of mounting security concerns about hacking, reports Wired and Medical Daily.
The group is calling for FDA-or another similar entity, if need be-to be granted the authority to assess the security of devices before being brought to market, as well as the establishment of a postmarketing surveillance system through the US Computer Emergency Readiness Team to track vulnerabilities, reports Wired.
"There is currently no single federal agency with responsibility for ensuring that the devices are secure before they're marketed to the public," explained Wired. "There also is no entity that has been tasked with dealing with security problems that arise with systems that are already on the market."
This poses monumental concerns for patients who depend on the devices for life-saving care, said experts who spoke to Medical Daily. One security researched from security firm McAfee was reportedly able to hack into and compromise insulin pumps wirelessly in just two weeks.
"We can influence any pump within a 300ft range," the security researcher, Barnaby Jack, said. "We can make that pump dispense its entire 300 unit reservoir of insulin and we can do that without requiring its ID number."
Wired - Board Urges Feds to Prevent Medical Device Hacking
Medical Daily - Many Popular Medical Devices May Be Vulnerable to Cyber Attacks