Hospira says demonstration of cyberattack against its infusion pump was unrealistic

Embattled Hospira ($HSP) responded to a live demonstration of a cyberattack against one of its infusion pumps at the BlackBerry Security Summit in New York. Cybersecurity concerns related to its pumps resulted in FDA encouraged the transition to other products, in what was a landmark action for the agency and its efforts to protect patients from attacks by hackers. The demonstration only added to concerns that the first targeted attack against an individual is around the corner. But Hospira said the demonstration did not reflect difficulty of pulling off such a stunt in the real world. "For a hacker to successfully attack an infusion pump, they would likely need to remove the device from the clinical environment, modify the pump and return the device to a clinical setting," the company said in a statement. "These demonstrated hacks were done in non-clinical environments without the security protections and protocols typical of real patient care settings. For patient use, these devices are connected to hospital networks and any attempts to remotely attack an infusion device would require penetration of several layers of network security enforce by the hospital, including firewalls. These measures serve as the primary defense against tampering with a medical device." More | Here's a video of the demonstration