Insulin pumps, pacemakers: Medical devices connected to the Internet could be victims of cyber attacks and therefore must now comply with certain cyber security guidelines in the USA.
• Also read: Canada fears Russian pirates
Used by hospitals and medical professionals, these medical products could be hacked and held for ransom, the Food and Drug Administration (FDA) said in an official guidance released Thursday and reported by CNN Business.
New medical devices must therefore be submitted with a plan to “monitor, identify and remediate” cybersecurity issues. A procedure must also be in place to provide “reasonable assurance that the device and associated systems” are protected.
A 2022 FBI report found that 53% of internet-connected medical devices and products in hospitals were within range of a cyberattack.
Among the vulnerable products, the report mentioned insulin pumps, intracardiac defibrillators – which can detect and stop irregular heartbeats – pacemakers and other devices that control heart rhythms.
“Malicious actors who compromise these devices may order them to provide inaccurate readings, administer drug overdoses, or endanger patient health,” the FBI report said.