The Challenges of Implanted Cardiac Device Security: Lessons From Recent Compromises

G. Stuart Mendenhall


Europace. 2019;21(4):535-538. 

What Should Physicians Do?

There have been no reports of the compromise of any implanted cardiac device being used to harm patients. Using an exploit for patient harm, to destroy or disorganize data, to cause confusion in the medical environment, or for other malicious purposes remains highly unethical and illegal under existing laws and regulations. At this point the risks remain largely theoretical, and compromises require significant overhead, equipment, knowledge, or expense to implement. However, with the increasing ubiquity of devices and technology, these barriers may be reduced.

Physicians who deal with implanted devices should encourage updates of PSA or remote monitoring software, promptly install software updates and patches, and comply with directives issued by companies, with an understanding of the manufacturer-supplied estimates of software update failure. Often the existing risk of device failure or compromise has to be weighed against the risk of upgrade or intervention, particularly when upgrading the implanted device itself. These risks are typically low for the non-pacemaker dependent or non-critically dependent patient. Since the absolute risks of action vs non-action remain extremely low, a great deal of time spent on the risk of upgrade with the typical patient with an implanted device is generally not needed. If patients are dependent on the pacemaker functions of the device, the extremely small chance of update failure and the device entering reversion mode may outweigh the currently exceedingly low theoretical risk of device exploit during the period until device change is indicated.

Manufacturers will have to take care to ensure that the compromise of consumer protocols does not allow unfettered access to critical device functions, and will have to maintain an infrastructure for patching and device updates in order to prevent a potential widespread vulnerability.