Experts warn of pacemaker hacking threat

Security experts are worried that hackers might one day go after the medical devices designed to deliver medicine or help heart conditions. "I think the risk to patients today is extremely low," says Dr. Tadayoshi Kohno, co-author of an article about the security of implantable devices published Wednesday in the New England Journal of Medicine. But he cautions that we must think about what could happen five to 10 years from now, ABC reports.

Kohno and co-author William Maisel of the Cardiovascular Institute of Beth Israel Deaconess Medical Center in Boston have called for the FDA to regulate and work with medical device manufacturers to stop potential security breaches in a variety of wireless, implantable devices such as pacemakers or insulin pumps. They and other researchers from Beth Israel, Harvard Medical School, the University of Massachusetts Amherst, and the University of Washington have been sounding the alarm about the potential for medical device hacking.

The FDA has issued guidance drafts regarding cyber security, spokeswoman Peper Long tells ABC, adding that the agency has not heard reports of malicious attacks on pacemakers, ICDs or insulin pumps, Long said. And ICD maker Medtronic says the company "believes[s] the risk of deliberate, malicious, or unauthorized manipulation of an implantable device is extremely low."

This isn't the first time the schools have warned of the hacker threat to pacemakers. In 2008, they published an academic paper showing that a combination pacemaker and defibrillator with wireless capabilities, the Medtronic Maximo DR, can be hacked.

- click here to get report in NEJM (paid subscription required)
- see the 2008 InformationWeek article 
- see ABC's coverage