MassDevice

The Medical Device Business Journal — Medical Device News & Articles | MassDevice

Home » UPDATE – Insulin pump hacker outs Medtronic, company responds

UPDATE – Insulin pump hacker outs Medtronic, company responds

By

Hackers

The security expert who hacked his own insulin pump revealed that the device came from Medtronic Inc. (NYSE:MDT), and accused the med-tech giant of ignoring his warnings.

Today the Natick, Mass.-based med-tech giant posted its official response to the hullabaloo, writing that it takes device information security very seriously but sees malicious medical device hacking as a very low threat.

"As technology evolves, we will continually incorporate measures to maintain information security while ensuring our devices meet their intended purpose of improving and extending lives," according to a statement on the company’s site.

Medtronic says it keeps a watchful eye on the security landscape and incorporates the latest research findings into its design process, which is why it attends conferences like the Black Hat meeting in Las Vegas this month where reports of hacking an insulin pump first emerged.

Jay Radcliffe, a diabetic and cyber threat intelligence analyst at IBM, presented results from experimenting on his own insulin pump at the Black Hat security conference, but he never revealed the brand of the pump in question or how he exploited its vulnerabilities.

"My initial reaction was that this was really cool from a technical perspective," Radcliffe told reporters. "The second reaction was one of maybe sheer terror, to know that there’s no security around the devices which are a very active part of keeping me alive."

"This is a pretty rare incident. We’ve never had a real report of a real hacking case affecting anybody," Medtronic’s newly minted CEO said during a shareholder conference last week. "We take our security seriously – but we also consider it a very unlikely event."

After feeling dismissed by Medtronic and taking exception to public comments from the company, Radcliffe took the issue to the the public in order to pressure the company into making some changes, the Associated Press reported. Radcliffe claims the Dept. of Homeland Security made an introduction between him and the company, but calls and emails still went unanswered.

"We’ve never been contacted by the Department of Homeland Security," Medtronic spokesperson Steve Cragle told MassDevice. He insisted that the company was taking Radcliffe’s findings into consideration in an internal investigation. "We’ve been very open to his concerns."

Cragle called Radcliffe’s claims that calls and emails were ignored "just false," and was unstirred by Radcliffe’s promise to expose the pump’s vulnerabilities.

"We have already been working over the past several years to incorporate powerful encryption and security measures into our next generation products, including insulin pumps," according to MDT’s statement. " In addition, we collaborate with outside security experts and across business units to design our products with information security in mind to create rigorous, complex safeguards."

Minneapolis, Minn.-based Medtronic seemed skeptical of the Radcliffe’s anecdotal evidence shortly after the presentation made headlines, saying that his direct access to the pump and remote device and that his conscious decision to turn on the wireless feature of the pump were beyond the type of access a malicious hacker could reasonably have.

Radcliffe responded that the wireless feature he exploited can’t be accessed or switched off.

"To our knowledge, there has never been a single reported incident outside of controlled laboratory experiments in more than 30 years of device telemetry use, which includes millions of devices worldwide," a director of PR from Medtronic’s insulin pump subsidiary MiniMed Inc. told TuDiabetes.org, an online social network for diabetics.

All instances of hacked medical devices so far have come from research teams who had access to the devices and specialized equipment, not likely for real-world hackers. Just in case, researchers at MIT are working on a defensive device to jam unwanted signals from malicious sources.

Radcliffe’s story recently got the attention of several members of Congress, who urged the Government Accountability Office to investigate the safety and security of wireless medical devices.

In case you missed it

RSS From Medical Design & Outsourcing

  • Times Microwave Systems introduces next-gen micro coaxial cables
    Times Microwave Systems recently launched PhaseTrack 047, which the Wallingford, Conn.–based company describes as a phase stable, highly flexible, micro coaxial cable. Designed for DC to 70 GHz frequency ranges, PhaseTrack 047 is meant to meet size and performance needs for healthcare, spaceflight, 5G and telecom, test measurement and many other “in-the-box” applications. The smaller… […]
  • DTW: What in the world will Thrive Earlier Detection do with $257 million?
    In this week’s podcast, two executives from Thrive Earlier Detection explain how the “turbo-charged” diagnostics company intends to upend how, when and where cancer is diagnosed. Isaac Kinde, MD, PhD, co-founder and head of research and innovation, walks us through the company’s CancerSEEK test and how the company is marrying new technology with an innovative… […]
  • How the resumption of elective surgery may spur demand for high-volume surgical instruments
    (Image courtesy of Micro) Hospitals’ need for single-use surgical instruments may spike as they resume elective procedures following the worst of COVID-19. Outsourcing with a credible tubing partner allows OEMs to focus on core competencies internally and free up other resources for maximum competitive advantage. Jim Jock, Micro As elective surgeries resume during this time… […]
  • Dems seek to force EPA action on ethylene oxide monitoring
    Democrats in both houses of Congress have introduced legislation that would force the U.S. Environmental Protection Agency to better monitor emissions of ethylene oxide (EtO) from plants that manufacture the toxic gas or use it to sterilize medical devices. The Public Health Air Quality Act of 2020, sponsored by Sen. Tammy Duckworth (Ill.) and Rep.… […]
  • Schurter offers electrical components for harsh medical environments
    Schurter said today that it offers high-performance AC connectors, circuit protection, switches and EMC products to safely and reliably optimize performance for critically needed COVID-19 medical devices, including ventilators, respirators, diagnostic, therapeutic and laboratory equipment. The DG12 series power entry modules integrate an IEC inlet, EMC filter and rocker-style circuit breaker with optional IP67 protection,… […]
  • How laser inversion enables multi-materials 3D printing
    Researchers invent new technique that could transform additive manufacturing processes, potentially enabling the printing of circuit boards, electromechanical components, and perhaps even robots. 3D printing uses digital manufacturing processes to fabricate components that are light, strong, and require no special tooling to produce. One of the most widely used manufacturing processes, selective laser sintering (SLS),… […]
  • DelmiaWorks promotes Cheri Williams to CEO spot
    Dassault Systèmes recently promoted Cheri Williams into the CEO spot at its DelmiaWorks (formerly IQMS) manufacturing software business. Williams joined the company January 2017 as SVP of professional services, helping to build and grow the DelmiaWorks/IQMS business. As CEO, she will continue to focus on increasing customer value, enabling the digital transformation of mid-marketing manufacturing,… […]
  • Amend Surgical licenses oral-care hydrogel tech
    Harvard University’s Wyss Institute announced that it has licensed its tough gel adhesive technology to Amend Surgical, a Florida-based medical device company focused on developing and manufacturing novel biomaterials. Amend Surgical has been granted exclusive rights to develop the technology for oral surgery applications. The company aims to redefine the current standard of care, which today… […]
  • Advamed: Diagnostic COVID-19 tests shipments hit 1m
    U.S. shipments of COVID-19 molecular diagnostic tests reached 1 million per day for the week ending July 24, based on the latest data from AdvaMed’s national testing registry. The medtech trade group launched the registry July 21 to aid state and federal pandemic responses. “This incredible milestone is just the latest example of how the medical… […]
  • TE Connectivity beats The Street on lower medical sales
    TE Connectivity (NYSE:TEL) today reported its healthcare sales were down by -$15 million for the third quarter of its 2020 fiscal year. Schaffhausen, Switzerland-based TE Connectivity reported overall sales of $2.55 billion for the quarter ended June 26, 2020, down -24% from the same quarter one year ago. Earnings per share of $0.59 exceeded Wall Street… […]
  • Paragon 28 launches ankle fracture system
    Paragon 28 this week launched its Gorilla Ankle Fracture Pilon Plating System. The system offers pilon plates two surgeons with 26 unique options to address pilon various fractures of the distal tibia. The new implants also allows surgeons to choose from 78 unique plates for fractures of the fibula and tibia. Gorilla Ankle Fracture and… […]

Leave a Reply

MASSDEVICE MEDICAL NETWORK

DeviceTalks
Drug Delivery Business News
Medical Design & Outsourcing
Medical Tubing + Extrusion

MASSDEVICE

Subscribe to MassDevice
Advertise with us
About
Contact us

Add us on Facebook Follow us on Twitter Connect with us on LinkedIn Follow us on YouTube