Insulin pump hacker gets federal attention as Reps ask for GAO investigation

August 18, 2011 by MassDevice staff

Reps Anna Eshoo (D-CA) and Ed Markey (D-MA) ask the Government Accountability Office to look into medical device security in response to the DefCon report from an insulin pump hacker.

Hackers virtual world

The recent report of an computer security expert who hacked his own insulin pump got the attention of members of the House Energy & Commerce Committee.

This week senior committee members Anna Eshoo (D-CA) and Edward Markey (D-MA) urged the Government Accountability Office to investigate the safety and security of wireless medical devices, citing an article written about the pump hack.

"My initial reaction was that this was really cool from a technical perspective," security expert and hacker Jay Radcliffe told the Associated Press. "The second reaction was one of maybe sheer terror, to know that there's no security around the devices which are a very active part of keeping me alive."

Radcliffe found that he was able to hack his own pump and alter it to respond a stranger's remote control. The report got a lot of attention and even garnered a response from med-tech giant Medtronic Inc. (NYSE:MDT), which dismissed the threat as being purely theoretical, since malicious software attack on a medical device has yet been reported.

"In bringing forward innovative wireless technologies and devices for healthcare, it’s critical that these devices are able to operate together and with other hospital equipment, and not interfere with each other’s activities and data transmissions," Eshoo and Markey wrote in their letter to the GAO. "It's also important that such devices operate in a safe, reliable, and secure manner."

All instances of hacked medical devices so far have come from research teams who had access to the devices and specialized equipment, not likely for real-world hackers.