Some of the top medical device companies gave hundreds of ethical hackers permission to break into their devices to see if any bugs could pose problems if found by the wrong people. These devices range from pacemakers to drug infusion pumps. These companies are hoping to get ahead of hackers targeting medical devices.
Hackers Targeting Medical Devices
Back in 2011, cybersecurity researcher Jay Radcliffe made waves for showing how he could hack his own implantable insulin pump at Def Con’s sister conference Black Hat. He got intense blowback from the medical device industry. Most of these companies see hackers who are trying to do good by pointing out these flaws with suspicion.
Now, eight years later, vendors have submitted 40 medical devices for hackers to test.
Even the government is backing them up. Since 2011, the FDA has released a series of rules urging device makers to vet their products for vulnerabilities and to have a formal process for dealing with them. They even encouraged companies to bring their products to the ethical hackers at the Def Con conference.
Def Con even brought doctors to pair up with the hackers since they handle medical devices with their patients. They also created a fake hospital environment for the hackers to work in.
“It really helps to create that hospital environment for (cybersecurity researchers to work. It will help them understand how these devices are really used, how they fit into the clinical setting, how a patient really uses this.” –Chris Tyberg, vice president of Abbott’s product security division (medical device manufacturer)
Read more here.