Your syringe has been disconnected
Medical devices, like other computer systems, can be vulnerable to security breaches, potentially impacting the safety and effectiveness of the device. The number of cyber attacks grows as medical devices are increasingly connected to the Internet, hospital networks, and to other medical devices. In 2017 FDA identified at least 3 cases of vulnerabilities in medical devices that are connected to the internet via hospital network. The agency reacted with regulatory actions on time, preventing potential cyber attacks.
UK NHS is not so successful. It already hardly suffered from cyber security breaches. In the recent publication, NHS campaigners call the situation pandemic. On May 12, 2017, computer hackers attempted to hold the NHS hostage by exploiting a weakness in Microsoft operating systems. When NHS staff opened an apparently innocuous e-mail attachment, a ransomware worm infiltrated their computers, encrypting data and locking out users. Throughout the United Kingdom, NHS doctors and nurses found themselves helplessly staring at screens that ordered them to pay a Bitcoin ransom to unlock their computers. Attack compromised electronic health records usage, forcing hospitals to switch to paperwork and general practices to shut down. At one of the capital’s biggest hospitals, the automated refrigerators used for dispensing blood products were out of order, compromising the capacity to conduct surgery safely.
Being aware of such stories and scared in a productive way, regulatory agencies are trying to resist potential attacks.
European Commission does not report any particular cases of attacks, but it recently confirmed its intention to develop rules on medical devices cybersecurity and called for industry proposals. FDA issued guidance on the postmarket management of cybersecurity in medical devices in 2016. Japan is known to be ahead of the whole world in technological issues. PMDA is aware of potential breaches. Agency released guidance on cybersecurity for devices back in 2015.
Although regulatory agencies are aware and concerned about cybersecurity of medical devices, the avalanche of attacks approaches. Internet network becomes increasingly involved in the daily routine of hospitals and healthcare organizations all over the world. Cyber attacks are simply a new, remote way of vandalism that came for changing of old, physical hooliganism.
Sources:
- https://www.fda.gov/downloads/MedicalDevices/DeviceRegulationandGuidance/GuidanceDocuments/ucm482022.pdf
- http://www.nejm.org/doi/full/10.1056/NEJMp1706754?query=featured_home
- http://europa.eu/rapid/press-release_MEMO-17-848_en.htm
- http://www.ris.world/news/pmda-new-guidance-addresses-cyber-security-devices