MedWarn.org
  • Alerts
  • Drugs
    • ADHD Medications
    • Allergy Treatments
    • Antidepressants
    • Antipsychotics
    • Antibiotics
    • Antiseizure
    • Arthritis
    • Cancer Treatments
    • Cardiovascular
    • Diabetes Treatments
    • Dietary Supplements/Weight Loss
    • Erectile Dysfunction
    • Gastrointestinal
    • Hormone Therapy
    • Oral Contraception
    • Pain Relief
    • Respiratory
    • Skin Conditions
    • Sleep
  • Vaccines/Biologics
    • Blood Products
    • Genetic Testing
    • Tissues
    • Vaccines
  • Devices
    • 3D Printed
    • Autoinjectors
    • Brain Devices
    • Breast Implants
    • Cardiac Devices
    • Contraceptive Devices
    • Cyber Security
    • Home Health Devices
    • Hip Implants
    • Infusion Pumps
    • Respiratory Systems
    • Stents
    • Surgical Devices
    • Transvaginal Mesh
  • Tobacco
  • Resources
    • Product Safety and the FDA
    • Product Recalls
    • Product Liability Lawsuits
    • Questions For A Lawyer
    • Get Help
  • About Us

Alerts, Recalls, and Legal Headlines

Sign-up to receive recall notices, medical news, and litigation updates.

SIGN-UP

FBI Warns That E-Health Records and Internet Connected Medical Devices Are Vulnerable to Cyber Attack

5/1/2014

0 Comments

 
The FBI’s Cyber Division released a Private Industry Notification (PIN) on 8 April 2014 detailing in stark terms that healthcare records and medical devices are poorly defended against cyber intrusions.  The problem is exacerbated by the looming 2015 deadline for transition to electronic health records (EHR) as envisioned by the Information Technology for Economic and Clinical Health Act (Public Law 111–5, 123 Stat. 115 (2009)).  The FBI report asserts that the EHR transition and the increasing number of medical devices that are connected to the internet will collectively offer fertile territory for cyber criminals unless collective defensive action is taken, including smart investments in cyber security technology. 

Until recently the discussion of cyber security was primarily focused on national security, infrastructure, and the financial industry -- and with good reason.  The Washington Post reported in its 24 March 2014 edition that in 2012 Federal agents notified over 3000 private sector companies that they had been the subject of cyber intrusions.  The victims included large and small firms across the spectrum of industries -- from banks to defense contractors to retailers like Target.  While 3000 may seem like an large number, the Washington Post article quoted experts like James A. Lewis of the Center for Strategic and International Studies who suggested that the problem is actually far worse because those known attacks are merely a fraction of the overall number of cyber intrusions each year.

The FBI Cyber Division report notes that the healthcare industry writ large is “not as resilient to cyber intrusions compared to the financial and retail sectors, therefore the possibility of increased cyber intrusions is likely.”  Not only are the personal medical records of individuals at risk, so too are medical devices.  In June 2013 the Department of Homeland Security and the Food and Drug Administration issued a coordinated alert to healthcare facilities and medical device manufacturers urging that they upgrade their defenses against cyber intrusions.  The alert documented a password vulnerability affecting “roughly 300 medical devices across approximately 40 vendors.”

Regrettably, the problem is not theoretical.  Wired Magazine recently carried a story by Kim Zetter discussing the findings of a two-year study of the cyber integrity of medical equipment at a “large chain of Midwest health care facilities.”  Among the disconcerting findings are the ability of cyber attackers to remotely manipulate “drug infusion pumps–for delivering morphine drips, chemotherapy and antibiotics; . . . Bluetooth-enabled defibrillators that can be manipulated to deliver random shocks to a patient’s heart or prevent a medically needed shock from occurring; X-rays that can be accessed by outsiders lurking on a hospital’s network; temperature settings on refrigerators storing blood and drugs that can be reset, causing spoilage; and digital medical records that can be altered to cause physicians to misdiagnose, prescribe the wrong drugs or administer unwarranted care.”

Clearly, there remains much to be done to ensure the healthcare industry and medical devices are better protected against cyber threats.  

[1] FBI Cyber Division Private Industry Notification #140408-009, 8 Apr. 2014
[2] http://www.wired.com/2014/04/hospital-equipment-vulnerable/
[3] http://www.washingtonpost.com/world/national-security/2014/03/24/74aff686-aed9-11e3-96dc-d6ea14c099f9_story.html
[4] http://ics-cert.us-cert.gov/alerts/ICS-ALERT-13-164-01

0 Comments

Your comment will be posted after it is approved.


Leave a Reply.

    Archives

    May 2014
    April 2014
    March 2014
    February 2014
    January 2014
    December 2013
    November 2013
    September 2013
    July 2013
    June 2013
    May 2013
    March 2013
    January 2013
    July 2012
    June 2012
    March 2012
    February 2012
    August 2011
    December 2010
    August 2010
    February 2009
    July 2008

    RSS Feed

    Categories

    All
    3D Printing
    3D Printing
    Acid Reducers
    Acne Treatments
    ADHD
    Allergies
    Antibiotics
    Antidepressants
    Anti-Epilepsy
    Antipsychotics
    Antiviral
    Arthritis
    Aspirin
    Asthma
    Autism
    Birth Control
    Birth Defects
    Blood Products
    Bone
    Brain
    Cancer
    COPD
    Cyber Crime
    Diabetes
    Dietary Supplements
    Dna-testing
    E-cigarettes
    Electronic Health Records
    Eliquis
    Epilepsy
    FDA/Approvals
    FDA Recalls
    FDA/Recalls
    FDA Warnings
    FDA Warnings
    Hearing-devices
    Hearing Loss
    Heart
    Hemophilia
    Hip Implants
    Hormone
    HPV
    Infants
    Infusion Pump
    Invokana
    Legal News
    Migraines
    Mirena
    Monitors
    Multiple Sclerosis
    Pain Relief
    Research
    Resuscitation
    Risperdal
    Sleep
    Stents
    Stroke
    Surgical Device
    Surgical Device
    Topamax
    Transvaginal Mesh
    Vaccine
    Weight Control
    Weight Control

    RSS Feed



    120x600
Powered by Create your own unique website with customizable templates.
Photos used under Creative Commons from Official U.S. Navy Imagery, madaise, outcast104, archibald jude, Vee-vee