DHS Investigates Possible Vulnerabilities In Medical Devices, Report Indicates

Adam Greenberg | SC Magazine | October 22, 2014

Citing an unnamed senior official at the U.S. Department of Homeland Security (DHS), Reuters reported on Wednesday that the agency is investigating roughly 24 cases of suspected vulnerabilities in medical devices and hospital equipment.  Other unnamed individuals familiar with the investigations told Reuters that the DHS' Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) is reviewing products that include an infusion pump from Hospira, Inc. and implantable heart devices from Medtronic, Inc. and St. Jude Medical, Inc.

Those sources are unaware of any incidents involving patients being attacked through these devices, but there is concern that attackers could remotely access the devices and potentially threaten lives, the report indicates.  In a statement emailed to SCMagazine.com on Wednesday, S.Y. Lee, a DHS spokesperson, wrote that ICS-CERT works directly with medical device manufacturers, health care professionals and facilities “to investigate and address cyber vulnerabilities,” but Lee did respond to specific questions regarding these investigations...