Skip 
Navigation Link

1215 South Walnut Ave.
Demopolis, AL 36732 map map 

Access to Care: 800.239.2901

Health Policy & Advocacy
Resources
Basic InformationMore InformationLatest News
Fentanyl Now the No. 1 Opioid OD KillerHospitalizations Rising Among the HomelessElectronic Health Records Bogging Docs DownMore Are Seeking Mental Health Care, But Not Always Those Who Need It MostMillions of Americans Still Breathing Secondhand Smoke: ReportNew Approach to Opioid Crisis: Supervised Heroin Injection Programs?Many Americans Unaware of Promise of Targeted, 'Personalized' Medicine: PollAs Gun Violence Grows, U.S. Life Expectancy DropsMost Americans Lie to Their DoctorsOpioid Crisis, Suicides Driving Decline in U.S. Life Expectancy: CDCWant to Learn CPR? Try an Automated KioskHealth Surrogates Often in Dark About Loved One's WishesRestaurant 'Health Grade' Posters Could Mean Safer DiningSmoking Bans Might Help Nonsmokers' Blood PressureWarmer Winters, More Violent Crimes?Are Food Additives Good or Bad? Consumer Views VaryDrug Studies in Children Often Go Unfinished: StudyFDA Moves to Restrict Flavored E-Cig Sales, Ban Menthol CigarettesAgeism Costs Billions in Health Care DollarsAmerica Is Worried About Antibiotic ResistanceRed Cross Issues Urgent Call for Blood Ahead of the HolidaysUnder Pressure, Juul Withdraws Most Flavored E-Cigs From MarketMany Drugstores Won't Dispense Opioid Antidote as RequiredNew Cholesterol Guidelines Focus on Personalized ApproachAHA: Defibrillators Can Help Kids Survive Cardiac Arrest, TooFDA Will Ban Many Flavored E-CigarettesU.S. Smoking Rates Hit Record LowOnly a Quarter of Opioid Painkillers Taken After Most SurgeriesHome Health-Care Tests: Proceed With CautionFDA Takes on Flatulent CowsWhy Bystanders Are Less Likely to Give CPR to WomenCellphone Radiation Tied to Upped Odds for Cancer -- in RatsHealth Tip: FDA Discusses Possible Risks of Bodybuilding ProductsU.S. Hospitals Making Headway Against InfectionsAfter Mass Shootings, Blood Donations Can Go UnusedLead in Hair Dyes Must Go: FDAIn California, Some Doctors Sell 'Medical Exemptions' for Kids' VaccinationsGot Unused Prescription Meds? Saturday Is National Drug Take-Back DayFDA Too Quick to Call BPA Chemical Safe, Health Experts SayIs Crowdfunding Too Often Used for Bogus Treatments?Many Supplements Still Contain Dangerous Stimulants: StudyTapping Into TelehealthMenthol Cig Ban Didn't Spur Black Market Sales: StudyHip-Hop Loaded With Pot, Cigarette ReferencesWhite House Wants Prices in Drug Ads, But Big Pharma Fights BackMany Supplements Contain Unapproved, Dangerous Ingredients: StudyE-Cigs Continue to Spark Debate Over Health Risks/BenefitsClinical Trials Need More VolunteersGetting Your Medical Records Might Not Be EasyMost People Don't Know if They Have Genetic Risk for Cancer
Questions and AnswersVideosLinksBook Reviews
Related Topics

Health Insurance
Healthcare

Could Hackers Target Heart Devices?

HealthDay News
by By Dennis ThompsonHealthDay Reporter
Updated: Feb 20th 2018

new article illustration

TUESDAY, Feb. 20, 2018 (HealthDay News) -- Your wireless heart implant suddenly goes on the fritz, either conking out completely or causing your heart to beat rapidly or irregularly.

Could you be the victim of a hacking attack aimed at endangering your life by messing with your heart device?

It happened on the "Homeland" TV series, when Islamic terrorists hacked the heart pacemaker of the vice president of the United States and engineered his untimely end.

But hacking a cardiac device isn't just the stuff of fiction. It's a potential possibility -- though remote at this time -- that must be guarded against to protect patients, a new review suggests.

"We need to be thinking about these possibilities ahead of time. We need to be a couple of steps ahead of the hackers," said Dr. Dhanunjaya Lakkireddy. He directs the University of Kansas Medical Center's Center for Excellence in Atrial Fibrillation and Complex Arrhythmias.

"We need to think about safety nets in the design of the hardware, software and programming of these devices," Lakkireddy added.

It's highly unlikely that a hacker could alter the programming of an implantable cardioverter-defibrillator (ICD) in a way that would endanger a patient, said Lakkireddy, a leader of the Electrophysiology Section of the American College of Cardiology (ACC).

"After reviewing the literature and talking to the industry people, their engineers and people in the cyber sector, our final take on this is it's a theoretical risk that has been blown out of proportion," Lakkireddy said.

Many ICDs used these days are wirelessly programmed in a doctor's office, and transmit real-time data on patient heart rate that cardiologists can use to track a person's heart health.

ICDs track a patient's heart rate and, if it becomes erratic, delivers a jolt of electricity to restore normal rhythm.

Medical devices have been targets of hacking for over a decade, Lakkireddy and his colleagues noted.

Some insulin pumps have been shown to be vulnerable to a remote hacking attack, and in 2016 a cybersecurity firm issued a report alleging that certain ICDs also might be hackable.

The concern is that a hacker could target someone's ICD with an attack that would cause the device to deliver inappropriate or life-threatening shocks, according to a report from the ACC's Electrophysiology Section.

A hack also could interfere with doctors' ability to monitor heart data transmitted by the ICD, or alter the device's function in a way that would drain its battery.

It is possible that someone could hack in and monitor the heart data being transmitted from a device to a doctor's office, Lakkireddy said.

But there are a lot of hurdles that someone would have to clear to remotely reprogram another person's heart implant, he continued.

Each ICD sends and receives on a unique radio frequency, and it can be reprogrammed only with proprietary software produced by the device's manufacturer, Lakkireddy said.

A malicious hacker would first have to know that a person has a heart implant, then figure out what brand of heart implant and its radio frequency, then get the proprietary reprogrammer for that device within range of the victim, then tinker around nearby without the person becoming suspicious, Lakkireddy said.

Given stringent U.S. laws protecting patient information, it's unlikely that someone could cobble together all of this information and launch such an attack, he said.

"When you pile up all these pieces of information together, the probabilities keep going down dramatically," Lakkireddy said. "It's not operationally plausible."

Dr. Gordon Tomaselli, chief of cardiology for Johns Hopkins, in Baltimore, said it's theoretically possible that someone sitting near a person with a heart implant could hack into the ICD and reprogram it.

"It could not be done by somebody sitting somewhere at a computer in their basement, hacking," Tomaselli said. "They'd have to have access to the device."

Tomaselli agreed with Lakkireddy that patients today have nothing to fear.

"If you're not remotely monitored, it's virtually nonexistent," Tomaselli said. "If you are remotely monitored, the chances are very, very small."

At the same time, both Tomaselli and Lakkireddy suggested that device manufacturers and physicians need to stay on top of the devices' cybersecurity, to ensure that future modifications do not leave patients vulnerable to attack.

"There are things we are going to continue to have to do to make sure patients remain safe," Tomaselli said. "This is not just pacemakers and defibrillators. It's virtually any medical device that has a computer chip in it."

The new report was published online Feb. 20 in the Journal of the American College of Cardiology.

More information

The American Heart Association has more about ICDs.