You may get a heart attack when you hear about this vulnerability

The progress in technology particularly in the field of medical implants has been very impressive. Today “Techno Medical Experts” speak of , Smart Contact Lenses, Phrenic Nerve Stimulation, Glucose Biosensors, Cochlear Implants, Pace Makers and Cardioverter Defibrillators, Bladder Implants etc.

What these implants mean to an ordinary person is that many of the life critical aspects of the human body can be controlled by these implants which run on electronic signals. Such implants can also influence and control what we see and what we hear and perhaps what we touch and sense.

At the same time Cyber Security observers will also realize that if any of these implants can be hacked, then just like the Smart Cars, Smart Bodies can also crash.

These doubts are no longer the fancy imaginations of film and TV serial makers. Recently US FDA confirmed that Cardiac implants from St Jude’s are hackable. (See here).

It is also informed that St Jude has developed software patches to fix vulnerabilities for which the patients need to plug in to the transmitter and “Update” their “body”. It is scary how the patient would feel when he connects to the transmitter and decides to switch on the upload of the patch. Will he upload a patch from a reliable St Jude source? or will he upload a virus?” Is the patch “Digitally signed”? could be some of the thoughts that may be going through his mind. It would have been better if the Company had recalled the patients to their official labs and uploaded the patches in their ICU rather than let the patients sit in their homes and update the patch.

The incident highlights how “hackable” IT devices are placing our life at risk and should be an eye opener for the technologists not to neglect security in any electronic instrument whether they control the life critical human body functions or the financial transactions or any other activity.

Users need to be “Smart” about Security before they embrace the new “Smart Technologies”.

Naavi

About Vijayashankar Na

Naavi is a veteran Cyber Law specialist in India and is presently working from Bangalore as an Information Assurance Consultant. Pioneered concepts such as ITA 2008 compliance, Naavi is also the founder of Cyber Law College, a virtual Cyber Law Education institution. He now has been focusing on the projects such as Secure Digital India and Cyber Insurance
This entry was posted in Cyber Law. Bookmark the permalink.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.