The recent report of an computer security expert who hacked his own insulin pump got the attention of members of the House Energy & Commerce Committee.
This week senior committee members Anna Eshoo (D-CA) and Edward Markey (D-MA) urged the Government Accountability Office to investigate the safety and security of wireless medical devices, citing an article written about the pump hack.
"My initial reaction was that this was really cool from a technical perspective," security expert and hacker Jay Radcliffe told the Associated Press. "The second reaction was one of maybe sheer terror, to know that there’s no security around the devices which are a very active part of keeping me alive."
Radcliffe found that he was able to hack his own pump and alter it to respond a stranger’s remote control. The report got a lot of attention and even garnered a response from med-tech giant Medtronic Inc. (NYSE:MDT), which dismissed the threat as being purely theoretical, since malicious software attack on a medical device has yet been reported.
"In bringing forward innovative wireless technologies and devices for healthcare, it’s critical that these devices are able to operate together and with other hospital equipment, and not interfere with each other’s activities and data transmissions," Eshoo and Markey wrote in their letter to the GAO. "It’s also important that such devices operate in a safe, reliable, and secure manner."
All instances of hacked medical devices so far have come from research teams who had access to the devices and specialized equipment, not likely for real-world hackers.
Minneapolis, Minn.-based Medtronic seemed skeptical of the Radcliffe’s anecdotal evidence, saying that his direct access to the pump and remote device as well as his conscious decision to turn on the wireless feature of the pump were beyond the type of access a hacker could reasonably have.
While medical devices have not yet proven to be an alluring target for malcontents, researchers at MIT are working on a defensive device to jam unwanted signals.