A Royal Academy of Engineering (RAENG) report has warned that health technology is vulnerable to cyber attacks and that criminal hackers could kill patients by attacking their pacemakers or heart pumps.
Experts cautioned that connected health devices, such as pacemakers or wearable health monitors that are linked to the Internet or internal computer networks, could provide a gateway for criminal hackers to plant ransomware.
Professor Nick Jennings, of the RAENG and Vice Provost at Imperial College London, said: “There is genuine harm that can be done through poor cyber security on medical devices, on future-connected homes, on autonomous vehicles, and if they are not dealt with then that will lead to harms and deaths.
“There are vulnerabilities in a range of connected medical devices. Dick Cheney famously changed the settings on his pacemaker because he wanted to make sure he wasn’t vulnerable to an attack and fans of Homeland will know that’s how they killed off the president.
The report calls for new regulation to ensure that Internet-connected devices are not vulnerable to hacking, with experts pointing out that many healthcare devices were designed before the threat was identified.
Mitigating software vulnerabilities
Penetration tests allow organisations to identify and address vulnerabilities before their products are released. This is more cost-effective than discovering the vulnerability later and having to patch the software, or worse yet, having a cyber criminal discover and exploit the vulnerability.
IT Governance is a CREST-accredited provider of penetration tests, and we offer a range of services to help organisations of all sizes manage their cyber security strategies.