Connected medical devices, together with the proliferation of consumer health-monitoring gadgets, hold great promise for remote patient monitoring and digital health management. Yet many of these devices are laughably -- perhaps even dangerously -- insecure and lacking in privacy protections.
In the last five years, cybersecurity researchers have demonstrated the potential to hacks pacemakers, defibrillators, insulin pumps, and other devices that could have life-or-death consequences. The wireless data links used to retrieve data and send instructions are often unencrypted. Authentication methods are often weak, and the password might even be hard coded into the device firmware. Some of the greatest concerns revolve around wireless communications for devices that patients take home with them (sometimes implanted in the body).
Consumer health monitoring devices turn out to have similar vulnerabilities. Though hacking a Fitbit won't have consequences on the same scale as compromising a pacemaker, increasing interconnectedness will demand more attention to security and privacy across the spectrum of medical and consumer health devices.
Click the image below for a slideshow on the vulnerabilities of health devices.