Skip 
Navigation Link

1215 South Walnut Ave.
Demopolis, AL 36732 map map 

Access to Care: 800.239.2901

Health Policy & Advocacy
Resources
Basic InformationMore InformationLatest News
When DEA Cracked Down on Opioids, Abusers Moved to Black Market: StudyStigma of Safe Needle Exchanges Lingers Despite Opioid EpidemicAHA: Drones a Lifesaver for Cardiac Arrest Patients?Millions Die Worldwide Each Year for Lack of Quality CareTips for Handling a Medical EmergencyAHA: Lifesaving Info Not Always a 911 Call AwayMany, But Not All, Hospitals Require Flu Shots for StaffersCancer Care Twice as Costly in U.S. Versus CanadaAHA: Health Concerns Haunt Puerto Rico as New Hurricane Season BeginsPot, Opioids Now Rival Alcohol as Factor in Driver DeathsThe ER or Urgent Care?Trumps Signs Bill Allowing Terminal Patients to Try Unproven MedicinesTough State Drunk Driving Laws Save LivesE-Cigarettes Don't Help Smokers Quit, But Cash MightSmall World? Not With One-Quarter Obese by 2045A Pill to Protect You From the Sun? Don't Believe It, FDA SaysMost Hospitals Aren't Ready for Mass Tragedies, ER Docs SayAHA: Making America's Doctors Look More Like AmericaLanguage Used in Medical Record Can Affect Patient CareNonprofit Manufacturer Could Keep Generic Drug Costs DownOpioid Makers' Perks to Docs Tied to More PrescriptionsFDA Targets Clinics Offering Unapproved Stem Cell TherapiesLittle 'Quit-Smoking' Help at U.S. Mental Health CentersIs Testing for Zika in U.S. Blood Supply Worth the Cost?'Smoke-Free' Rooms Still Loaded With Smoke Residues, Study FindsAHA: Smoke-Free Laws Do Seem to Help Young Adults' HeartsAHA: Poverty Levels Key to States' Performance on Heart DiseaseSimple Drug Packaging Change Could Save Toddlers' LivesFDA Cracks Down on Dangerous E-Cig Liquids That Resemble Cookies, CandyNew Clinic Satisfaction Tool Provides Real-Time FeedbackUnused Meds? Saturday Is National Drug Take Back DayA Doctor's Age May Matter With Emergency SurgeryPatients Prefer Doctors Who Engage in Face-to-Face VisitsU.S. Better Able to Tackle Health Emergencies: ReportFirst Opioid Lawsuit Targeting Pharmacy Benefit ManagersMost Doctors' Offices Don't Offer Flexibility for UninsuredSafety Info for Opioids Found LackingNonoptimized Drug Therapy Costs More Than $500 Billion AnnuallyFDA Cracks Down on Caffeine-Loaded SupplementsCigarette Tax Hike Could Ease Poverty for Millions Worldwide: StudyCDC: Aggressive Action Needed to Contain Antibiotic ResistanceCould Medical Pot Help Curb the Opioid Abuse Crisis?Medical E-Records Not Without Risks: StudyHealth Groups Sue FDA to Speed Review of E-CigarettesEHR Usability Contributes to Possible Patient Harm EventsAHA: Solving the Dilemma of Not Enough HeartsUnchecked Air Pollution a Death Sentence for Millions: StudyPersonal Health Info Found in Recycling at Five HospitalsTask Force Issues Stronger Skin Cancer Prevention GuidelinesFDA Considers Lowering Nicotine Levels in Cigarettes
Questions and AnswersVideosLinksBook Reviews
Related Topics

Health Insurance
Healthcare

Could Hackers Target Heart Devices?

HealthDay News
by By Dennis ThompsonHealthDay Reporter
Updated: Feb 20th 2018

new article illustration

TUESDAY, Feb. 20, 2018 (HealthDay News) -- Your wireless heart implant suddenly goes on the fritz, either conking out completely or causing your heart to beat rapidly or irregularly.

Could you be the victim of a hacking attack aimed at endangering your life by messing with your heart device?

It happened on the "Homeland" TV series, when Islamic terrorists hacked the heart pacemaker of the vice president of the United States and engineered his untimely end.

But hacking a cardiac device isn't just the stuff of fiction. It's a potential possibility -- though remote at this time -- that must be guarded against to protect patients, a new review suggests.

"We need to be thinking about these possibilities ahead of time. We need to be a couple of steps ahead of the hackers," said Dr. Dhanunjaya Lakkireddy. He directs the University of Kansas Medical Center's Center for Excellence in Atrial Fibrillation and Complex Arrhythmias.

"We need to think about safety nets in the design of the hardware, software and programming of these devices," Lakkireddy added.

It's highly unlikely that a hacker could alter the programming of an implantable cardioverter-defibrillator (ICD) in a way that would endanger a patient, said Lakkireddy, a leader of the Electrophysiology Section of the American College of Cardiology (ACC).

"After reviewing the literature and talking to the industry people, their engineers and people in the cyber sector, our final take on this is it's a theoretical risk that has been blown out of proportion," Lakkireddy said.

Many ICDs used these days are wirelessly programmed in a doctor's office, and transmit real-time data on patient heart rate that cardiologists can use to track a person's heart health.

ICDs track a patient's heart rate and, if it becomes erratic, delivers a jolt of electricity to restore normal rhythm.

Medical devices have been targets of hacking for over a decade, Lakkireddy and his colleagues noted.

Some insulin pumps have been shown to be vulnerable to a remote hacking attack, and in 2016 a cybersecurity firm issued a report alleging that certain ICDs also might be hackable.

The concern is that a hacker could target someone's ICD with an attack that would cause the device to deliver inappropriate or life-threatening shocks, according to a report from the ACC's Electrophysiology Section.

A hack also could interfere with doctors' ability to monitor heart data transmitted by the ICD, or alter the device's function in a way that would drain its battery.

It is possible that someone could hack in and monitor the heart data being transmitted from a device to a doctor's office, Lakkireddy said.

But there are a lot of hurdles that someone would have to clear to remotely reprogram another person's heart implant, he continued.

Each ICD sends and receives on a unique radio frequency, and it can be reprogrammed only with proprietary software produced by the device's manufacturer, Lakkireddy said.

A malicious hacker would first have to know that a person has a heart implant, then figure out what brand of heart implant and its radio frequency, then get the proprietary reprogrammer for that device within range of the victim, then tinker around nearby without the person becoming suspicious, Lakkireddy said.

Given stringent U.S. laws protecting patient information, it's unlikely that someone could cobble together all of this information and launch such an attack, he said.

"When you pile up all these pieces of information together, the probabilities keep going down dramatically," Lakkireddy said. "It's not operationally plausible."

Dr. Gordon Tomaselli, chief of cardiology for Johns Hopkins, in Baltimore, said it's theoretically possible that someone sitting near a person with a heart implant could hack into the ICD and reprogram it.

"It could not be done by somebody sitting somewhere at a computer in their basement, hacking," Tomaselli said. "They'd have to have access to the device."

Tomaselli agreed with Lakkireddy that patients today have nothing to fear.

"If you're not remotely monitored, it's virtually nonexistent," Tomaselli said. "If you are remotely monitored, the chances are very, very small."

At the same time, both Tomaselli and Lakkireddy suggested that device manufacturers and physicians need to stay on top of the devices' cybersecurity, to ensure that future modifications do not leave patients vulnerable to attack.

"There are things we are going to continue to have to do to make sure patients remain safe," Tomaselli said. "This is not just pacemakers and defibrillators. It's virtually any medical device that has a computer chip in it."

The new report was published online Feb. 20 in the Journal of the American College of Cardiology.

More information

The American Heart Association has more about ICDs.