Experts warn hackers could tamper with pacemakers

First they came for your computer, now it’s your pacemaker. US experts have warned those living with pacemakers could potentially have their devices hacked by cybercriminals seeking to tamper with the equipment or cause deliberate harm.

Writing for the Journal of the American College of Cardiology, the Electrophysiology Council said hackers could soon be able to deactivate or reprogram certain pacemaker features, causing electric shocks, battery depletion and interrupting wireless communications that help doctors monitors patients’ conditions.

Article author Dr Dhanunjaya Lakkireddy told Starts at 60 that while hackers are yet to successfully gain access to a pacemaker and cause harm, they’re increasingly finding loopholes in the technology.

“Anytime devices operate through the internet it open up a theoretical possibility,” he said. “While hackers may not be able influence the device parameters at this point in time, one could see the diagnostic information from a given device.”

Dr Lakkireddy said doctors and government regulators need to use “aggressive anti-hacking methods” to protect patients from malicious attacks in future.

“Industry should work on proper design to not permit major device programming changes online,” he said. “There should be appropriate safeguards from the hardware and software standpoint. Hospitals and physicians should be in tune for this possibility and secure the servers through which information passes between system computers and patient’s devices.

“Government should come up with strict legislation to protect patients from this type of possibility. The laws needs to be tightened to punish the hackers appropriately to discourage that kind of behaviour.”

It’s not just random hackers who pose a risk either. Patients have been told “not share their medical information and use of these devices widely with other people except for their close family members” to reduce the risk of the sensitive information falling into the wrong hands.

It’s not the first time pacemaker hacking has made headlines. Last year, the US Food and Drug Administration (FDA) recalled thousands of pacemakers because they were at risk of being compromised by cybercriminals. The recall was also believed to affect thousands of Australians who had been fitted with the device.

Abbott, the company behind the faulty pacemaker, later said it had approved a “firmware update” designed to fix the cybersecurity vulnerability and had eliminated the software fault.

About 15,000 pacemakers were implanted in Australia last year. A further 4000 were fitted with implantable cardioverter-defibrillators, which also pose a potential hacking threat.

Although the possibility of a medical device being hacked may seem remote, former US Vice President Dick Cheney revealed in 2013 that his doctors had disabled the wireless capabilities of his own pacemaker to thwart possible assassination attempts through hacking the device.

Do you or anyone you know have a pacemaker? Do you worry about the potential for hacking?