A Heart-to-Heart from the Hackers: Cyber-Vulnerabilities in Cardiac Devices
Robert Radick writes:
Just over a year ago, this blog took note of a governmental letter that powerfully underscored the dangers of cyberattacks in the healthcare industry. The letter, which then-Senator Barbara Boxer had sent to FBI Director James Comey, discussed the serious risks that hospitals and other institutional health care providers face from cyberattacks, ransomware, and a range of other malicious efforts to infiltrate their networks.[…]
How is it that, according to the FDA, Abbott’s cardiac devices are alleged to be in violation of the FDCA? Although the FDA’s warning letter is a complex document that makes for anything but easy reading, the letter boils down to two primary assertions – first, that Abbott allegedly underestimated the risk and potential consequences of the premature failure of batteries that a third-party manufacturer had supplied for the implantable cardiac devices; and second, that based on allegedly erroneous “cybersecurity risk assessments” for cardiac devices, Abbott had found that the device’s risk estimations were acceptable, when, according to the FDA, an outside report had concluded that “several risks” – including, apparently, the risk of hacking and cyberattacks on the devices themselves – “were not adequately controlled.”
Read more on Forbes.