Cyber attack: vulnerable medical devices will have to be protected in the United States
Insulin pumps, pacemakers: Internet-connected medical devices could be the victim of cyberattacks, so they will now have to meet specific cybersecurity guidelines in the United States.
These medical products used by hospitals and medical professionals could be hacked and subject to a ransom demand, the Food and Drug Administration (FDA) said in an official directive issued Thursday and reported by CNN Business.
New medical products will thus have to be submitted with a plan to “monitor, identify and address” cybersecurity issues. A process will also need to be in place to provide “reasonable assurance that the device and associated systems” are protected.
A 2022 FBI report found that 53% of medical devices and products connected to the internet in hospitals were within easy reach of a cyberattack.
Among the vulnerable products, the report noted insulin pumps, intracardiac defibrillators – which detect and stop heartbeats irregular hearts -, pacemakers and other devices that control the heartbeat.
“Malicious actors who compromise these devices can order them to give inaccurate readings, administer overdoses of drugs, or to endanger the health of patients,” said the FBI report, according to the American media.