Researchers conducted a “reverse engineering and security analysis of the proprietary long range communication protocol between the device programmer” and implantable cardioverter defibrillators, as reported by Health IT Security.
Here are five insights:
1. The researchers warn DoS attacks could result in numerous patient safety complications.
2. The researchers found that many attacks can disrupt the ICD availability as well as compromise patient privacy.
3. The study noted ICDs have four modes: sleep, interrogation, reprogramming and standby. Researchers found after activation, an ICD sits in ‘standby’ mode for five minutes, as opposed to immediately going into ‘sleep’ mode when a communication session has finished.
4. Because of this “implementation flaw,” attackers can activate the ICD from afar. This DoS attack will continuously activate the ICD via long-range communication, ultimately killing the battery.
5. The researchers recommended utilizing jamming as a short-term solution. Long-term, the researchers suggested external devices send ICDs a ‘shutdown’ message, so the devices immediately enter ‘sleep’ mode following communication.
More articles on quality & infection control:
FDA bans 2 types of powdered gloves out of patient safety concerns — 4 key notes
North America dominates HAI control market with market expected to reach $34.4M by 2020: 7 things to know
30 statistics on benefits for advanced practice registered nurses
