GAO Warns of Wireless Medical Device Security Vulnerabilities


A recent report [PDF file] from the Government Accountability Office warns that more attention needs to be paid to wireless medical devices' potential vulnerability to hackers.

"In the report, GAO noted that FDA has focused on the fact that unintentional interference -- such as electromagnetic activity -- could affect medical devices," iHealthBeat reports. "FDA has devoted less time to examining how hacking attacks could harm medical devices, GAO said."

"The FDA is responsible for regulating medical devices and ensuring their safety," writes's James Walsh. "When the FDA has looked at devices' vulnerability to threats, the agency has focused more on unintentional threats, such as MRI machines or electromagnetic energy in the environment, the GAO said. But according to the GAO, regulators need to 'consider information security risks resulting from intentional threats when reviewing manufacturers' submissions for new devices.'"

"In a statement Thursday, three House Democrats called on the Food and Drug Administration (FDA) to scrutinize implantable medical devices more carefully," writes The Hill's Elise Viebeck. "The lawmakers cited government research showing devices such as cardiac defibrillators and insulin pumps can be vulnerable to tampering because of their wireless capabilities. 'Even the human body is vulnerable to attack from computer hackers,' said Rep. Anna Eshoo (D-Calif.). 'The demonstrated security risks require a renewed emphasis by the FDA and manufacturers to identify, evaluate and plug the potentially rare but serious security holes that exist in these devices.'"