An anonymous reader writes: In the wake of the U.S. Food and Drug Administration’s recent recommendations to strengthen security on net-connected medical devices, the Department of Homeland Security is launching an investigation into 24 cases of potential cybersecurity vulnerabilities in hospital equipment and personal medical devices.
Independent security researcher Billy Rios submiited proof-of-concept evidence to the FDA indicating that it would be possible for a hacker to force infusion pumps to fatally overdose a patient. Though the complete range of devices under investigation has not been disclosed, it is reported that one of them is an 'implantable heart device'.
William Maisel, chief scientist at the FDA's Center for Devices and Radiological Health said: “The conventional wisdom in the past was that products only had to be protected from unintentional threats. Now they also have to be protected from intentional threats too.”