Manufacturers of Medical Devices wake up to Cyber Security Threats


Companies which manufacture medical devices like pace makers, insulin pumps and glucose monitoring machines are sending their staff to cyber security conferences in order to learn from the researchers the latest in the world of cyber security.

At the recently held Black hat Conference held in Las Vegas and the Def Con, representatives from big companies like Johnson & Johnson and Philips were seen attending the events which reported vulnerabilities occurring in the world of connected devices.

While most of the corporate attendees reported that they were asked to create reports on the things happening at the conference, in the world of cyber security and in their business vertical. Some individuals were seen representing the CIOs and CTOs of various companies who were eager to know what their competitors were coming up when it comes to developing products regards to cyber security.

The US Food and Drug Administration (FDA), which regulates medical devices spoke at the DEF CON for the first time this year. And highlighted some guidelines which push device makers to take security seriously and to come up with devices which are capable to thwart or mitigate cyber attacks.

At the same time, the US FDA asked the device manufacturers to closely work with white hat hackers in order to make devices which are free from any kind of security flaws.

In May this year, the Wannacry Ransomware outbreak infected medical devices disabling radiology equipment at Bayer.  Bayer reported that it received complaints from two of its US clients who reported that their systems were infected by malware which spread from the network of windows based computers. Immediately the company contacted the customers to inform them of a security update. Bayer later confirmed that the fix was circulated to all the device users in the US by June ‘17.

Speaking at the Def Con, Colin Morgon, the product development director at J&J, called for cyber security to become a normal part of the product development process. He assured that all J&J medical devices manufactured from now on will be risk-free from a security standpoint.

Michael McNeil, the global product security officer at Philips, said that he was trying his best to be much more proactive with the researcher’s community. McNeil added that his company will try to offer medical devices driven by utmost cyber security now and in near future.

Both McNeil and Colin Morgan attended the Black Hat Security conference held in Las Vegas last month.

Readers of Cybersecurity Insiders have to notify over here that J&J was the first company to warn over 100,000 diabetes patients of a flaw in its insulin pumps last year. It was in fact alerted by a cyber security company Rapid 7.

Rapid 7 also issued a cyber threat that the dosage of J&J insulin pumps can be changed by hackers if the company fails to fix a security vulnerability on a quick note.

So, in order to keep themselves updated on the latest in cyber space, some big companies have started sending their representatives to learn more from cyber security researchers attending the events.

This will, in fact, help the manufacturers to come up with products which are not susceptible to cyber attacks.

What do you say…?

You can share your views through the comments section below.

Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display