Ticker Tampering: The Redux

Author: Shana Leonard

Back in April 2008, I wrote a column titled “Ticker Tampering: The Next Big Threat?” focusing on an academic coalition whose researchers discovered that they could reverse-engineer a Medtronic implantable cardioverter-defibrillator (ICD) with relative ease. They remotely hacked into the device, successfully obtaining patient information, draining the battery, and even inducing defibrillation. In addition to being intriguing, the story raised serious questions about implant security and the future of wireless medical technologies.

Apparently, I wasn’t the only one who found all of this fascinating. Since that report, various researchers have been exploring options for mitigating security risks in implants such as ICDs, pacemakers, neurostimulators, and insulin pumps that communicate via a wireless protocol. And now, two years later, initial ideas and research regarding how to address the threat of implant security breaches are beginning to surface.

Most experts fortunately agree that the risk of such an intrusive event is relatively low at present. However, they do express concern for the future when wireless devices are increasingly synched up and communicating with other technologies, such as computers or smart phones, for remote monitoring applications. “Now is a good time to be developing security systems since implantable medical devices are starting to have increased wireless ranges and increased interactivity,” says Tamara Denning, a PhD student at the University of Washington who gave a presentation on implant security at the Computer-Human Interaction conference in April. “Of course, security has to be balanced with device functionality, reliability, safety, and patient acceptance.”

Potential security technologies for implant integration identified by Denning and her colleagues include the use of passwords, physical tokens such as access cards, proximity-based authentication, and critically aware devices that can automatically detect an emergency situation. A recent paper published by Stuart Schechter, a Microsoft researcher, even proposes the use of invisible tattoos. He suggests that access keys could be encoded directly onto a patient’s skin using UV-ink micropigmentation. The common theme of all of these security technologies, though, is that they must provide little inconvenience to the patient and allow medical professionals access during an emergency in order to be successful.

Aside from promoting patient safety, being at the forefront of this implant security movement could pay off down the line for OEMs in terms of regulatory demands. A perspective piece in the April 1 edition of the New England Journal of Medicine, for example, recommended that FDA should make security analysis of life-critical implants part of premarket approval. Soon after, the April 19 issue of FDA’s “Devices & Diagnostics” newsletter announced that FDA has been collaborating with IEC and ISO to address cyber threats to implants as part of a new standard, IEC/ISO 80001. So, new requirements could be on the horizon.

But regardless of whether or not FDA steps in, the burden will still lie with OEMs to prevent or minimize opportunities for implant hacking. Begin planning now for a different kind of heart attack and provide patients with some security.