MassDevice

The Medical Device Business Journal — Medical Device News & Articles | MassDevice

You are here: Home / Drug Pumps / UPDATE – Insulin pump hacker outs Medtronic, company responds

UPDATE – Insulin pump hacker outs Medtronic, company responds

By Leave a Comment

Hackers

The security expert who hacked his own insulin pump revealed that the device came from Medtronic Inc. (NYSE:MDT), and accused the med-tech giant of ignoring his warnings.

Today the Natick, Mass.-based med-tech giant posted its official response to the hullabaloo, writing that it takes device information security very seriously but sees malicious medical device hacking as a very low threat.

"As technology evolves, we will continually incorporate measures to maintain information security while ensuring our devices meet their intended purpose of improving and extending lives," according to a statement on the company’s site.

Medtronic says it keeps a watchful eye on the security landscape and incorporates the latest research findings into its design process, which is why it attends conferences like the Black Hat meeting in Las Vegas this month where reports of hacking an insulin pump first emerged.

Jay Radcliffe, a diabetic and cyber threat intelligence analyst at IBM, presented results from experimenting on his own insulin pump at the Black Hat security conference, but he never revealed the brand of the pump in question or how he exploited its vulnerabilities.

"My initial reaction was that this was really cool from a technical perspective," Radcliffe told reporters. "The second reaction was one of maybe sheer terror, to know that there’s no security around the devices which are a very active part of keeping me alive."

"This is a pretty rare incident. We’ve never had a real report of a real hacking case affecting anybody," Medtronic’s newly minted CEO said during a shareholder conference last week. "We take our security seriously – but we also consider it a very unlikely event."

After feeling dismissed by Medtronic and taking exception to public comments from the company, Radcliffe took the issue to the the public in order to pressure the company into making some changes, the Associated Press reported. Radcliffe claims the Dept. of Homeland Security made an introduction between him and the company, but calls and emails still went unanswered.

"We’ve never been contacted by the Department of Homeland Security," Medtronic spokesperson Steve Cragle told MassDevice. He insisted that the company was taking Radcliffe’s findings into consideration in an internal investigation. "We’ve been very open to his concerns."

Cragle called Radcliffe’s claims that calls and emails were ignored "just false," and was unstirred by Radcliffe’s promise to expose the pump’s vulnerabilities.

"We have already been working over the past several years to incorporate powerful encryption and security measures into our next generation products, including insulin pumps," according to MDT’s statement. " In addition, we collaborate with outside security experts and across business units to design our products with information security in mind to create rigorous, complex safeguards."

Minneapolis, Minn.-based Medtronic seemed skeptical of the Radcliffe’s anecdotal evidence shortly after the presentation made headlines, saying that his direct access to the pump and remote device and that his conscious decision to turn on the wireless feature of the pump were beyond the type of access a malicious hacker could reasonably have.

Radcliffe responded that the wireless feature he exploited can’t be accessed or switched off.

"To our knowledge, there has never been a single reported incident outside of controlled laboratory experiments in more than 30 years of device telemetry use, which includes millions of devices worldwide," a director of PR from Medtronic’s insulin pump subsidiary MiniMed Inc. told TuDiabetes.org, an online social network for diabetics.

All instances of hacked medical devices so far have come from research teams who had access to the devices and specialized equipment, not likely for real-world hackers. Just in case, researchers at MIT are working on a defensive device to jam unwanted signals from malicious sources.

Radcliffe’s story recently got the attention of several members of Congress, who urged the Government Accountability Office to investigate the safety and security of wireless medical devices.

In case you missed it

RSS From Medical Design & Outsourcing

  • The Science of Multi-Layer Extruded Tubing and Medical Devices Incorporating Such Tubing
    By Steve Maxson, VP of Sales, Spectrum Plastics Group Multi-layer extrusion technology is a process in which two or more polymers are extruded and simultaneously joined in a co-extrusion die head to form tubing with multiple layers. Running two or three extruders into a co-extrusion die head produces a single, multi-layered, extruded tube from a… […]
  • Tolomatic names new CEO
    Paul Carlson has been named president and CEO of Tolomatic (Hamel, Minn.), a longtime supplier of electric linear actuators, pneumatic actuators and power transmission products for factory automation. Carlson has more than 30 years of manufacturing experience serving a broad spectrum of industrial, commercial, food and beverage markets globally. Most recently, Carlson was VP of… […]
  • IDS touts AI-based cameras and image processing system
    IDS Imaging Development Systems is touting its IDS NXT, which it describes as an all-in-one solution for AI-based image processing. IDS NXT includes camera hardware with a self-developed AI core and training software for creating individual artificial neural networks and support. Users only need their application expertise and sample images to create a neural network,… […]
  • Pavmed gains FDA breakthrough nod for esophageal pre-cancer test
    Pavmed (NSDQ:PAVM) recently announced that its Lucid Diagnostics subsidiary has received FDA breakthrough device designation for its EsoGuard esophageal DNA test. The test uses esophageal samples collected using Lucid’s 510(k)-cleared EsoCheck cell collection device from certain patients at elevated risk for esophageal dysplasia due to chronic gastroesophageal reflux disease (GERD). EsoGuard and EsoCheck are designed to… […]
  • FDA launches pilot to streamline 510(k) process
    The FDA has begun a pilot program to make its medical device clearance process less cumbersome  for applicants. With the electronic Submission Template And Resource (eSTAR) program, the application’s content is embedded within a PDF document so applicants can more easily develop, view and edit a 510(k). The agency said it will select up to… […]
  • Health Canada implements electronic medical device clinical trial data submission
    By Stewart Eisenhart, Emergo Group Health Canada, Canada’s medical device market regulator, has begun accepting some clinical trial-related information from sponsors via electronic submissions. Get the full story here at the Emergo Group’s blog. The opinions expressed in this blog post are the author’s only and do not necessarily reflect those of MedicalDesignandOutsourcing.com or its… […]
  • This company’s medical containment system played a role in a coronavirus evacuation
    The Containerized Bio-Containment System (CBCS), developed by Kansas City-based MRIGlobal, is a first-of-its-kind, flyable medical transport unit and features full biocontainment. This past week, the CBCS was brought into the ongoing worldwide coronavirus outbreak. Get the full story on our WTWH Media sister site R&D World.  The post This company’s medical containment system played a […]
  • Zeiss expands its portfolio of microscope cameras
    Zeiss recently announced that it has added four new CMOS cameras for digital imaging in light microscopy. These cameras are part of the Oberkochen, Germany-based company’s Axiocam series. The Axiocam 705 color and 712 color are designed to deliver the best possible image quality for histology, pathology or material research and analysis, thanks to excellent… […]
  • FDA recommends limiting use of power morcellators
    The FDA today recommended that laparoscopic power morcellators, which have been implicated in the spread of cancer, be limited to use with certain tissue containment systems and only in premenopausal women who have suspected fibroid tumors and are under 50 years of age. Power morcellators were used for 20 years to laparoscopically remove benign tumors… […]
  • Abilitech aims to arm people with independence
    Some have dubbed Abilitech’s device “a wheelchair for the arms.” Its machined aluminum exoskeletal arm and breathable cloth vest use a spring counterbalance system and a “living hinge” that spreads the load, making it — and the arm — feel weightless. Nancy Crotti, Managing Editor Rob Wudlick brushed his teeth on his own recently for… […]
  • RJG Germany opens injection molding training facility
    RJG Germany (Karlstein) recently opened a new training lab for injection molding. The facility consists of a classroom that seats up to 20 students and a fully equipped lab for hands-on experience. The technical center currently consists of a 60-ton injection molding machine from Yizumi Germany, temperature control units and a material drying system from… […]

Leave a Reply

MASSDEVICE MEDICAL NETWORK

DeviceTalks
Drug Delivery Business News
Medical Design & Outsourcing
Medical Tubing + Extrusion

MASSDEVICE

Subscribe to MassDevice
Advertise with us
About
Contact us
Add us on FacebookMassDevice Network
Follow us on Twitter@MassDevice
Connect with us on LinkedInLinkedIn
Follow us on YouTube YouTube