DOTmed Home MRI Oncology Ultrasound Molecular Imaging X-Ray Cardiology Health IT Business Affairs
News Home Parts & Service Operating Room CT Women's Health Proton Therapy Endoscopy HTMs Mobile Imaging
Current Location:
> This Story

Log in or Register to rate this News Story
Forward Printable StoryPrint Comment


More Industry Headlines

FDA: No harmful effects with brain retention of gadolinium-based contrast agents Findings contrast with those of European Medicines Agency

Yale researchers create app to drive smarter CT utilization Enabling a more meaningful dialogue between physician and patient

Return on Investment – Maximize your hospital’s revenue on supply usage Declining reimbursement impacting hospitals throughout the U.S.

Stereotactic partial breast radiation therapy as safe as conventional radiotherapy Study shows CyberKnife can reduce patient burden with comparable outcomes

Tokyo researchers develop palm-sized gamma camera Capable of high-resolution, multicolor 3-D molecular imaging

Combining noninvasive ventilation and home oxygen improves outcomes for COPD patients Study finds better QoL and fewer hospital admissions

Activist investor Elliott Management takes 9.2 percent stake in Athenahealth Eyes 'disruptive value proposition' beneath unconventional leadership

Indiana hospital implements enterprise imaging platform Intelligent IT architecture can be a workflow game-changer

AAMI Product Showcase This month's AAMI Product Showcase

New 3-D photoacoustic imaging may speed breast cancer cell detection Checking tumor margins in the operating room

Kevin Fu,
head of the Archimedes Center
for Medical Device Security
at the University of Michigan

Medical devices riddled with security vulnerabilities

by Carol Ko , Staff Writer
An uptick in cybercrimes has spurred the U.S. Food and Drug Administration to put the medical device industry on notice.

Medical devices that fail to satisfy the agency's newly drafted cybersecurity guidelines may soon be blocked from approval once the guidelines are finalized later in the year, according to the agency.

Story Continues Below Advertisement


The Conserus™ suite of intelligent, flexible and vendor-neutral imaging solutions can help you connect your staff and existing systems across your entire enterprise. Because stronger connections deliver stronger outcomes. Click link to schedule a demo>>>

If finalized, this directive may have far-reaching consequences for medical manufacturers and how they design their products in the future.

Health IT experts say it's about time. Years ago in a laboratory experiment, Kevin Fu, head of the Archimedes Center for Medical Device Security at the University of Michigan, demonstrated how he could hack into a combination heart defibrillator and pacemaker to induce potentially fatal electric jolts.

There's no need to panic just yet — such a threat is currently only theoretical. But experts say these vulnerabilities demonstrate how far behind the medical industry is on cybersecurity measures that have long been standard in the consumer electronic space.

DOTmed Business News tracked Fu down so we could get his thoughts on the FDA directive, potential worst-case scenarios, device security, and projections for the future.

DMBN: First off, I know it's difficult to quantify the number of security breaches that happen, but can you point to any source that says these incidents are increasing?

KF: I was one of the first people to submit a report through the Medwatch 3500 process on an AED external defibrillator — it was the only one they received that year. Now I'm told they're receiving reports a couple of times a month.

And just recently there was just one person who discovered they were able to obtain the administrative passwords of over 50 medical devices, giving them complete control over each device including its function, its software and its behavior.

DMBN: What sort of cyber attacks have happened in the past?

KF: All the incidents I'm aware of are malware that accidentally get into a medical device. For instance, in my lab we have a pharmaceutical compounder, a device that creates nutrients taken intravenously. And it happens to run Windows XP, a piece of software that is ten years old and riddled with security vulnerabilities, yet it's still being deployed. Think of our outdated home PC software that got hit with malware — we've probably replaced them ten years ago. But guess what? They're still in hospitals.

DMBN: Do you think malware will eventually evolve to intentionally target medical devices?
  Pages: 1 - 2 - 3 - 4 >>


You Must Be Logged In To Post A Comment

Increase Your
Brand Awareness
Auctions + Private Sales
Get The
Best Price
Buy Equipment/Parts
Find The
Lowest Price
Daily News
Read The
Latest News
Browse All
DOTmed Users
Ethics on DOTmed
View Our
Ethics Program
Gold Parts Vendor Program
Receive PH
Gold Service Dealer Program
Receive RFP/PS
Healthcare Providers
See all
HCP Tools
A Job
Parts Hunter +EasyPay
Get Parts
Recently Certified
View Recently
Certified Users
Recently Rated
View Recently
Certified Users
Rental Central
Rent Equipment
For Less
Sell Equipment/Parts
Get The
Most Money
Service Technicians Forum
Find Help
And Advice
Simple RFP
Get Equipment
Virtual Trade Show
Find Service
For Equipment
Access and use of this site is subject to the terms and conditions of our LEGAL NOTICE & PRIVACY NOTICE
Property of and Proprietary to, Inc. Copyright ©2001-2017, Inc.