The FDA has recalled certain Medtronic MiniMed insulin pumps because there's a risk of them being hacked, the agency said.
According to the FDA press release, the company has been unable to adequately update the MiniMed 508 and Paradigm insulin pumps with any software or patch to address the devices' vulnerabilities; FDA is working with the company to address the issue and help patients switch to new models.
While there is no evidence the vulnerability has caused harm, FDA called the risk to patients "significant" if the cybersecurity weakness is not resolved. It could also cause too little insulin to be delivered, and a diabetes patient could suffer from hyperglycemia and diabetic ketoacidosis.
Billy Rios, co-founder of QED Secure Solutions, in late 2018 spoke to CBS News about cybersecurity flaws with Medtronic's pumps.
Health Canada posted an advisory on its website about the Medtronic insulin pumps on Saturday.
It sounds like the plot of a crime thriller, but both the FDA and Medtronic said there are no known cases yet of someone hacking an insulin pump.Читайте также: Israel allows fuel to enter Gaza after 3-day hiatus
The company issued a letter to customers and their doctors with recommended security precautions when using their insulin pump.
Check the FDA statement for the list of affected products.
According to the FDA, the MiniMed 508 and the MiniMed Paradigm wirelessly connect to multiple monitoring devices. FDA has yet to confirm a report of patient harm related to this recall. The affected devices connect wirelessly to a patient's blood sugar meter and to a continuous glucose monitor, which tracks a patient's blood sugar level throughout the day.
Similar cybersecurity alerts have been issued by the FDA regarding medical devices, including heart defibrillators and pacemakers. In the advisory, the department said the devices don't "properly implement authentication or authorization". An attacker who was in close enough physical proximity to the pump could masquerade as a CareLink unit, and send potentially life-threatening commands to the insulin pump over the air using a software-defined radio or similar kit.
It's interesting to note that numerous vulnerable Medtronic MiniMed insulin pumps are highly prized by diabetes sufferers because they have a security flaw that allows them to modify the firmware.
Disconnect the USB device from their computer when not using it to download data from their pump.При любом использовании материалов сайта и дочерних проектов, гиперссылка на обязательна.
«» 2007 - 2019 Copyright.
Автоматизированное извлечение информации сайта запрещено.
Код для вставки в блог