It is apparent that there is a real problem here. The threat of attack is real enough that in 2012, the physician of Vice President Dick Cheney disabled wireless functionality on Cheney’s heart implant to prevent an assassination attempt. Yet still, according to Erven, “Even though research has been done to show the risks, health care organizations haven’t taken notice. They aren’t doing the testing they need to do and need to focus on assessing their risks”.

 

Coming closer to present day, the issue of medjacking was reported on by InformationWeek. In the article, they referred to medical equipment as having a lack of basic security, using preconfigured devices with weak default passwords.

 

Solutions

 

To date, there is no set standard for protecting the privacy and security of medical devices. There have, however, been steps taken and solutions proposed for this serious problem. In 2013, a documentwas issued by the FDA recommending that wireless medical devices use wireless protection; included in this wireless protection would be data encryption and access controls. While this step is important, the FDA did not create a standard, but rather a recommendation.

 

Coming towards the end of 2013, the MIT Technology Review published an article on an innovative solution from Rice University. Researchers at Rice developed a method where doctors would hold a device to a patient’s chest to get a direct reading of their heartbeat. This reading is then compared to the heartbeat given over the wireless signal to confirm they match; of course, the signals of the heartbeat are encrypted to prevent hacking the connection. In this way patients are given an extra layer of security to ensure anyone trying to access the device is not a medjacker.

Issues persist, however, as last week NBC Chicago reported on infusion pumps with serious security flaws. These pumps could be easily accessed to alter dosages of anything from anesthetic to narcotics. The news clip below goes into further detail. From the clip, we can notice the change in response from a manufacturing company as compared to the earlier video by Bloomberg.

 

Continuing in last week’s news, KSLA News reported that representatives of Government, industry, academics, and medicine would now be meeting to begin creating standards for medical device protection.

 

Takeaways

 

What is important to take away from this article is the real consequences that can come out of a lack of security and privacy across our devices. It is easy for a user to shake off the importance of not wanting your data to be mined to create a profile of your life. Many can say they are comfortable with the level of security afforded to their credit card and banking information. It is impossible, though, to say we are ok with having little to no level of privacy or security that protects life. The call for better privacy and security protocols is louder than ever as we approach a point where our capabilities allow us to so easily do irreparable damage.