MassDevice

The Medical Device Business Journal — Medical Device News & Articles | MassDevice

Home » UPDATE – Insulin pump hacker outs Medtronic, company responds

UPDATE – Insulin pump hacker outs Medtronic, company responds

By

Hackers

The security expert who hacked his own insulin pump revealed that the device came from Medtronic Inc. (NYSE:MDT), and accused the med-tech giant of ignoring his warnings.

Today the Natick, Mass.-based med-tech giant posted its official response to the hullabaloo, writing that it takes device information security very seriously but sees malicious medical device hacking as a very low threat.

"As technology evolves, we will continually incorporate measures to maintain information security while ensuring our devices meet their intended purpose of improving and extending lives," according to a statement on the company’s site.

Medtronic says it keeps a watchful eye on the security landscape and incorporates the latest research findings into its design process, which is why it attends conferences like the Black Hat meeting in Las Vegas this month where reports of hacking an insulin pump first emerged.

Jay Radcliffe, a diabetic and cyber threat intelligence analyst at IBM, presented results from experimenting on his own insulin pump at the Black Hat security conference, but he never revealed the brand of the pump in question or how he exploited its vulnerabilities.

"My initial reaction was that this was really cool from a technical perspective," Radcliffe told reporters. "The second reaction was one of maybe sheer terror, to know that there’s no security around the devices which are a very active part of keeping me alive."

"This is a pretty rare incident. We’ve never had a real report of a real hacking case affecting anybody," Medtronic’s newly minted CEO said during a shareholder conference last week. "We take our security seriously – but we also consider it a very unlikely event."

After feeling dismissed by Medtronic and taking exception to public comments from the company, Radcliffe took the issue to the the public in order to pressure the company into making some changes, the Associated Press reported. Radcliffe claims the Dept. of Homeland Security made an introduction between him and the company, but calls and emails still went unanswered.

"We’ve never been contacted by the Department of Homeland Security," Medtronic spokesperson Steve Cragle told MassDevice. He insisted that the company was taking Radcliffe’s findings into consideration in an internal investigation. "We’ve been very open to his concerns."

Cragle called Radcliffe’s claims that calls and emails were ignored "just false," and was unstirred by Radcliffe’s promise to expose the pump’s vulnerabilities.

"We have already been working over the past several years to incorporate powerful encryption and security measures into our next generation products, including insulin pumps," according to MDT’s statement. " In addition, we collaborate with outside security experts and across business units to design our products with information security in mind to create rigorous, complex safeguards."

Minneapolis, Minn.-based Medtronic seemed skeptical of the Radcliffe’s anecdotal evidence shortly after the presentation made headlines, saying that his direct access to the pump and remote device and that his conscious decision to turn on the wireless feature of the pump were beyond the type of access a malicious hacker could reasonably have.

Radcliffe responded that the wireless feature he exploited can’t be accessed or switched off.

"To our knowledge, there has never been a single reported incident outside of controlled laboratory experiments in more than 30 years of device telemetry use, which includes millions of devices worldwide," a director of PR from Medtronic’s insulin pump subsidiary MiniMed Inc. told TuDiabetes.org, an online social network for diabetics.

All instances of hacked medical devices so far have come from research teams who had access to the devices and specialized equipment, not likely for real-world hackers. Just in case, researchers at MIT are working on a defensive device to jam unwanted signals from malicious sources.

Radcliffe’s story recently got the attention of several members of Congress, who urged the Government Accountability Office to investigate the safety and security of wireless medical devices.

In case you missed it

RSS From Medical Design & Outsourcing

  • Could winged microchips monitor for airborne disease?
    Northwestern University engineers have created what they claim are the smallest-ever human-made flying structures — winged microchips that could monitor the air for disease and pollution. Engineering professor John Rogers and his team at Northwestern drew on inspiration from nature to create the microchips, which are the size of a grain of sand. The chips… […]
  • Smith+Nephew expands reach of its Cori handheld robotic system
    A year after Smith+Nephew (NYSE:SNN) launched its Cori handheld robotic system in the U.S.,  the ortho surgery system has launched globally. The British medtech giant has expanded Cori’s reach to Europe, Australia and New Zealand, India, and Canada (just announced today). The company yesterday said the system was now available for use in the U.K.’s National Health… […]
  • Elizabeth Holmes reportedly expresses remorse in criminal fraud trial
    Elizabeth Holmes reportedly revealed some regret over her handling of business as the ex-Theranos CEO took the stand again in a criminal fraud trial. Taking the stand yesterday for the third day of testimony in federal court in San Jose, California, Holmes was said to have shown remorse while still shifting some of the blame… […]
  • Supply chain, manufacturing issues slow Medtronic’s Hugo launch, ramp-up expected next fiscal year
    Medtronic (NYSE:MDT) Chair & CEO Geoff Martha confirmed that the launch of the Hugo surgical robot platform is off-schedule. Hugo received CE mark approval last month. The company is gearing up to conduct its FDA investigational device exemption (IDE) clinical trials in the U.S., with more on its stateside efforts still to come, Medtronic’s surgical robotics… […]
  • Minnetronix Medical honored in Minnesota for its MindsEye Expandable Port
    Minnetronix Medical (St. Paul, Minn.) received an award from the Minnesota Technology Association that highlights its MindsEye Expandable Port for minimally invasive deep brain access. The company won the association’s TEKNE award for best medical technology and devices. “Given Minnesota is a global epicenter for the medical device industry, this award is quite meaningful to Minnetronix… […]
  • BD expands biosciences business with reagent innovation center in San Diego
    A life sciences real estate developer announced today that BD (NYSE:BDX) selected its property as a new facility for its biosciences business. Through a joint venture with Tishman Speyer and Bellco Capital, Breakthrough Properties confirmed that BD chose its Torrey View by Breakthrough property for an expanded San Diego reagent innovation center within its biosciences… […]
  • The best places to work for medtech sales reps in 2022
    Teleflex (NYSE:TFX), ConMed (NSDQ:CNMD) and Medtronic (NYSE:MDT) topped the list of best places to work in medtech sales in 2022, according to a MedReps.com survey of medical sales representatives. The 11th annual MedReps survey polled over 2,300 MedReps professionals to determine which medtech sales companies are most sought-after in the industry. Overall, pay and leadership were the most… […]
  • How medtech fared in the first waves of the pandemic
    Medtech industry revenue, research spending and employment declined in the first year of the COVID-19 pandemic, according to a Medical Design & Outsourcing analysis of financial data. Total sales, R&D spending and employment for the world’s largest medical device companies declined in 2020 and early 2021, according to a Medical Design & Outsourcing analysis tallying… […]
  • FreeStyle Libre 3, other Abbott products recognized at CES Innovation Awards
    Abbott (NYSE:ABT) was honored for a handful of its offerings at the Consumer Electronics Show (CES) 2022 Innovation Awards. The company’s FreeStyle Libre 3 continuous glucose monitoring (CGM) system ranked among the top 15 products in the CES Best of Innovation category. The next-generation CGM system features the world’s smallest, thinnest glucose sensor that can… […]
  • Evonik launches new Resomer PrintPowder polymers for 3D printing of personalized, implantable medical devices
    Evonik has launched the second generation of Resomer PrintPowder polymers for 3D printing of personalized, implantable medical devices. Essen, Germany-based Evokik said the powders have a broader range of customizable mechanical properties and degradation rates, allowing their use for more complex and tailored medical devices including orthopedic, dental, or soft tissue applications. “These new powders… […]
  • Tungsten cable for surgical robotics: Challenges solved introduce new unsolved challenges
    Tungsten cable is the perfect strength, flexibility, and diameter for surgical robots. Connor Chiuchiolo and Scott Dailey, Carl Stahl Sava Industries When manufacturing tungsten mechanical cable for surgical robotics, the tungsten itself presents enormous mechanical upside, including extraordinary tensile strength captured within astonishingly small diameters. What’s more, tungsten stranded into ultrafine mechanical cable possesses a remarkable… […]

Leave a Reply