UPDATE: Could a medical device be used to cyberassassinate?

October 26, 2011 by MassDevice staff

Medtronic responds to a McAfee report on the potential for malicious hackers to use insulin pumps as a weapon for cyber assassination, detailing the steps it's taking to confront the issue and reassure patients that the devices are safe.

Masked hacker

At least one Medtronic Inc. (NYSE:MDT) insulin pump has software vulnerabilities that could make it a target for malicious hacks and other models may also be at risk, according to software security giant McAfee.

The McAfee team developed code that allowed it to take over the insulin pump, altering its programming and even administering potentially lethal doses from as much as 300 feet away.

While malicious hacks on medical devices have never occurred outside of research settings, the tactic could be used as a new type of cyber weapon, McAfee researchers found.

Sign up to get our free newsletters delivered straight to your inbox

Medtronic hired Symantec and other tech security firms to investigate its insulin pumps after security experts began questioning vulnerabilities exposed during a security conference in Las Vegas this summer, Reuters reported.

Medtronic spokesperson Steve Cragle told MassDevice that the company is rolling out a concerted push to confront and solve the issue.

"We're in the process of spotlighting this update on our Medtronicdiabetes.com website, as well as on our diabetes-specific site and have been in communication with the diabetes community through social media channels since this issue was first raised," Cragle told us in an email. "We have also been directly briefing key diabetes advocacy organizations and influencers."

The world's largest pure-play device maker told us that it's taken a number of steps to combat the potential for hackers to hijack wireless devices.