40,000 Unregulated Health Apps, And Counting

By Robert Vamosi | 7/9/12 2:36 AM

Are healthcare apps written for mobile devices regulated?

Read More >

NCCIC Urges Medical Device Security Review

By Robert Vamosi | 6/8/12 1:08 AM

The National Cybersecurity and Communications Integration Center (NCCIC) is urging federal agencies to better monitor medical device security after documented cases of cybersecurity issues.

Read More >

New Bi-Partisan Medical Device Legislation Announced

By Robert Vamosi | 3/16/12 2:43 AM

In Washington, Senators Jeff Merkley (D-Ore.), Chuck Grassley (R-Iowa), Michael Bennet (D-Colo.) and Herb Kohl (D-Wisc.) co-authored legislation that would better regulate the fast-growing medical device industry.

Read More >

Robot Surgeries Get Hacked ... For Good

By Robert Vamosi | 1/19/12 6:52 AM

Robotic surgeries are designed to help emerging countries deal with complicated healthcare issues. But so far only one product, Intuitive Surgical's da Vinci system, is available and deployed worldwide. Now US National Science Foundation hopes that students hacking open-source surgical robots at universities in the U.S will spur more competition.

Read More >

Johnson & Johnson Warned By FDA Over Insulin Pump Failures

By Robert Vamosi | 1/12/12 3:33 AM

In late December, the Food and Drug Administration (FDA) sent the pharmaceutical company Johnson & Johnson a letter warning of possible penalties for not reporting life-threatening vulnerabilities with its OneTouch Ping and 2020 insulin pumps. It is unclear whether the vulnerabilities are outright device failures or from interference or manipulation from outside sources.

After an inspection at Johnson & Johnson's subsidiary plant in West Chester, Pa., the FDA discovered one complaint about series patient injury and two other incidents never reported. According to the FDA one patient was hospitalized with diabetic ketoacidosis, a condition where the body does not have enough insulin. Another received high doses of insulin. And a third patient suffered serious injury, which could include coma, respiratory failure, and hypoglycemia as a result of user error.

Read More >

New Medical Devices Require New Approaches to Device Security

By JDavis | 11/18/10 9:45 AM

As the use of implanted medical devices--including pacemakers, cardiac defibrillators and insulin pumps--continues to increase, the technologies driving them are becoming significantly more advanced. Today, many of these medical devices are using forms of wireless connectivity for communications, making these life-saving devices easier and more convenient for patients and their doctors--but also potentially putting them at risk of being hacked. These security and privacy concerns are driving security experts to explore a range of new options for protecting these critical devices and the patients that depend on them.

Read More >

Integrity for Implanted Medical Devices?

By JDavis | 11/15/09 6:44 PM

Lifesaving implanted medical devices such as defibrillators and pacemakers are going increasingly high-tech, with some devices now shipping with wireless communications capabilities. This technology gives doctors instant access to critical patient information and allows them to send remote commands and sometimes even software updates, wirelessly. But few, if any of this new generation of wireless-enabled medical devices contain even basic embedded security measures. Researchers have already shown it possible to gain access to a wireless-enabled implanted device to drain all power from its battery. The same researchers were also able to extract sensitive, personal information from the device.

Read More >

Conficker Infects Critical Medical Devices

By JDavis | 5/3/09 6:13 PM

The Conficker worm didn't just hit PCs -- it also infected several hundred critical medical devices, a security expert said in a panel at the RSA security conference. Right now it's unclear how the devices, which control things like heart monitors and MRI machines, got infected. But it underlines the need to secure medical systems with embedded firewalls and anti-malware software like Mocana's NanoDefender™.

The computers are older machines running Windows NT and Windows 2000 in a local area network that was not supposed to have access to the Internet, however, the network was connected to one that has direct Internet access and so they were infected, he [Marcus Sachs, director of the SANS Internet Storm Center and a former White House cybersecurity official] recently told CNET news.

The situation illustrates the dangers of connecting critical networks, like in hospitals and in SCADA (Supervisory Control and Data Acquisition) systems used by utilities and other critical infrastructure providers, with networks connected to the Internet, he said during the panel "Securing Critical Infrastructures: Infrastructure Exposed."

"We're seeing a huge uptick in probing for SCADA systems," said Jerry Dixon, director of analysis and vice president of government relations at research firm Team Cymru. For years, the SCADA systems were separated from the public networks, but that's not the case anymore, he said.

While PCs do remain the primary targets, hackers and malware-writers are increasingly setting their sites on non-PC SCADA devices attached to the network. In other words, as PC security mechanisms have become more sophisticated, non-PC SCADA devices are becoming the more attractive, comparatively "soft" targets -- an easier way into the host network, thereby threatening our critical national infrastructure.

Download this FREE Whitepaper that dives further into why SCADA devices are under fire and what you can do about it.

Read More >

Intel/GE and Next-Generation Home Health Technologies

By JDavis | 4/16/09 6:03 PM

In the rapidly growing market for home-health devices, Intel and General Electric are joining forces in a five-year, $250 million alliance to market and develop home-based health technologies. These devices will be designed to help seniors live independently and patients with chronic conditions better manage their care from home.

Read More >