Pacemakers and Defibrillators are vital to the cardiac health of those with heart rhythm issues. These devices must be monitored around the clock. They are connected, wirelessly, to computers around the world which allow medical professionals to collect data which could improve cardiac care in the future, but just as importantly, provide crucial updates. While this seems straightforward, the reality of all these devices connected to the internet leaves them vulnerable to hacker attacks and thus the concern for heart devices being accessed by malicious hackers. When dealing with such critical health monitoring, it could lead to health emergencies.
This vulnerability is not a new phenomenon. Abbott Laboratories recalled over 500,000 pacemakers because the FDA identified lax security which could lead to hackers altering a patient’s heart rhythm. Abbott supplied a firmware update to the pacemaker in question, the St. Jude’s Medical Accent. But before this patch, the danger was real.
While there has not been a documented instance of tampering with cardiac devices, the reason for this is that hackers are more likely concerned with other things, such as illegally downloading pirated software. But the risk is real according to Dr. Dhanujaya Lakkireddy, a prominent cardiac researcher. He suggests that hacking a cardiac device could throw an individual’s heart rhythm so far off that it could result in a fatality. With defibrillators, which supply an electric shock to the heart, a hacker could deliver unneeded shocks or fail to provide needed shocks to the heart.
While the risk to hacking remains remote, it is outweighed by the ability to transmit data from the patient to the doctor. It also allows for updates and adjustments to be done remotely. As with any device connected to the internet, robust security measures should be included to prevent unauthorized access to data. As technology changes, the medical community must keep pace (pun intended).
