The Challenges of Implanted Cardiac Device Security: Lessons From Recent Compromises

G. Stuart Mendenhall


Europace. 2019;21(4):535-538. 


Other Incidents

Other cardiac device manufacturers have experienced similar attacks on their programmers or remote monitoring systems. At the 'Black Hat' hacker conference in 2018, the security firm WhiteScope (Half Moon Bay, CA, USA) demonstrated the compromise of a Medtronic Corporation (Minneapolis, MN, USA) 2090 programmer bought from an internet auction and sales site. In this exploit,[5] the researchers set up a network that fooled the programmer into believing it was connected to the official Medtronic servers, which allowed unsigned, potentially malicious code to be uploaded to the PSA and run. They note that the 2090 accepted code as long as it claimed to come from Medtronic and passed a few minimal checks; no 'secure signing' was checked or enforced. A 'rogue' or badly programmed PSA could then be re-introduced into a clinical care environment. In a statement[6] most recently released on 28 June 2018, Medtronic acknowledged the possibility of this compromise but elected not to update the existing software, citing the low overall risk and the requirement of both physical access and sophisticated programming techniques to alter the 2090. The company notes that Medtronic programmers should only be connected to secure, uncompromised networks for software updates, and on that basis considers the overall risk acceptable. Future devices are to have enhanced authentication and code-signing techniques implemented.
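The update-acceptance flaw described above, as an added example that is not from the article, the WhiteScope researchers or Medtronic: a Go sketch of a programmer that accepts a software update because it claims to come from the vendor and passes an integrity checksum, beside one that requires a signature under a public key pinned in the device at manufacture. The struct fields, the vendor-name check, the CRC and the three constructed packages are assumptions for illustration, not the 2090's actual update format or logic.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
	"hash/crc32"
)

// Update is a constructed stand-in for a software package delivered to a
// programmer over the vendor's update network. The field names are assumptions
// for illustration, not the real 2090 format.
type Update struct {
	ClaimedVendor string // what the server *says* it is
	Payload       []byte // code the programmer would execute
	CRC           uint32 // integrity check only; says nothing about who produced the payload
	Signature     []byte // detached Ed25519 signature over Payload (hardened path only)
}

// acceptWeak models the flaw described above: trust the claimed origin plus a
// checksum. Anyone who controls the network the programmer talks to can satisfy both.
func acceptWeak(u Update) bool {
	return u.ClaimedVendor == "Medtronic" && crc32.ChecksumIEEE(u.Payload) == u.CRC
}

// acceptSigned models an enhanced code-signing check: the payload must carry a
// valid signature under a public key pinned in the programmer. The vendor string
// and the network the update arrived over play no part in the decision.
func acceptSigned(u Update, pinned ed25519.PublicKey) bool {
	if len(u.Signature) != ed25519.SignatureSize {
		return false
	}
	return ed25519.Verify(pinned, u.Payload, u.Signature)
}

// vendorRelease is what the vendor's build pipeline would produce: a payload
// signed with the vendor's private key, which never leaves the vendor.
func vendorRelease(priv ed25519.PrivateKey, payload []byte) Update {
	return Update{
		ClaimedVendor: "Medtronic",
		Payload:       payload,
		CRC:           crc32.ChecksumIEEE(payload),
		Signature:     ed25519.Sign(priv, payload),
	}
}

// rogueRelease is what an attacker on a spoofed update network can produce:
// the right vendor string and a correct checksum, but no signature under the vendor key.
func rogueRelease(payload []byte) Update {
	return Update{
		ClaimedVendor: "Medtronic",
		Payload:       payload,
		CRC:           crc32.ChecksumIEEE(payload),
	}
}

// Outcome records what each acceptance policy decided for each package.
type Outcome struct {
	WeakAcceptsGenuine    bool
	WeakAcceptsRogue      bool
	WeakAcceptsTampered   bool
	SignedAcceptsGenuine  bool
	SignedAcceptsRogue    bool
	SignedAcceptsTampered bool
}

// RunScenario evaluates both policies against a genuine update, a rogue update
// from a spoofed server, and a genuine update modified in transit with its CRC
// recomputed (the attacker cannot re-sign it without the vendor's private key).
func RunScenario() (Outcome, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return Outcome{}, err
	}
	genuine := vendorRelease(priv, []byte("constructed: legitimate programmer software v1.1"))
	rogue := rogueRelease([]byte("constructed: attacker-supplied code from spoofed server"))

	tampered := genuine
	tampered.Payload = append([]byte{}, genuine.Payload...) // copy, do not alias genuine
	tampered.Payload[0] ^= 0xff
	tampered.CRC = crc32.ChecksumIEEE(tampered.Payload)

	return Outcome{
		WeakAcceptsGenuine:    acceptWeak(genuine),
		WeakAcceptsRogue:      acceptWeak(rogue),
		WeakAcceptsTampered:   acceptWeak(tampered),
		SignedAcceptsGenuine:  acceptSigned(genuine, pub),
		SignedAcceptsRogue:    acceptSigned(rogue, pub),
		SignedAcceptsTampered: acceptSigned(tampered, pub),
	}, nil
}

func main() {
	o, err := RunScenario()
	if err != nil {
		panic(err)
	}
	fmt.Printf("%+v\n", o)
}
```

The weak policy accepts all three packages, because a spoofed network can supply any vendor string and recompute any checksum; this is why "only connect to secure networks" is a control on the environment rather than on the update itself. The signed policy accepts only the genuine package, regardless of which network delivered it.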