I’ve spent quite some time thinking about medical device cybersecurity and talking to experts about medtech hacking, but there’s an angle that I’d failed to consider: Can medtech hacking be used for good?
Video game developers over at Warner Bros. Games Montreal turned the tables on healthcare cybersecurity, giving Batman pacemaker-hacking skills with which to fight crime in the latest action-packed Batman video game, "Arkham Origins."
This early version of Batman (he’s just beginning to make a name for himself around Gotham) possesses both the technology and the know-how to hack a pacemaker, threatening to do so when a criminal with a heart problem refuses to spill the beans.
"I can control your pacemaker remotely," Batman says, fiddling with the digital heads-up-display in his uber-tech gauntlets. "Want to see what 250 beats per minute feels like?"
"You wouldn’t," whimpers the already-tied-up villain (who will remain nameless in the interest of sparing other players from spoilers).
It’s an unlikely scenario, but one based loosely in present-day fact. Security experts in 2008 demonstrated the 1st remote hack on an implantable pacemaker, and reports since then have highlighted cybersecurity vulnerabilities in an array of healthcare technologies, including insulin pumps and hospital management systems.
It’s not the 1st time that pacemaker hacking has made it into the mainstream media. A 2012 episode of television drama Homeland depicted a terrorist remotely hacking a politician’s pacemaker. The scene spurred a response from security expert Barnaby Jack, who deemed the fiction "not too far off the mark."
Jack died suddenly in July, at the age of 35, just days before he was scheduled to release his own pacemaker "exploit" at an international cybersecurity conference in Las Vegas.
The FDA is building a cybersecurity lab and companies like Medtronic (NYSE:MDT) have promised to make medtech cybersecurity a priority, suggesting that the issue is more than a plot device, but, for now, medical device hacking remains in the realm of fiction and research.
There have been no reports to date of any cyber-breaches directly affecting implanted medical devices, but some experts caution that it’s just a matter of time. Others warn that regulators have no system in place to detect or identify hacks in medical implants, so there’s no way of knowing whether it’s happened or not.
If (perhaps when) the 1st hacks are committed or exposed, I hope they’re motivated by someone like Batman, rather than some malicious joker.