Abstract
Cyber-attacks are targeting different businesses including medical sectors. From medical devices such as pace makers to medical institutions like hospitals and clinics are all vulnerable targets for cyber criminals. Cyber breaches in medical area not only can risk patients’ life but also can lead to leakage of sensitive and confidential data. Due to the nature of medical targets and their importance and sensitivity, there is a significant need to review and investigate the current and past vulnerabilities and weaknesses within the devices and medical institutions. This research aims to investigate recent and current vulnerabilities of medical devices and institutions and highlight the importance of cyber security issues in this area.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
BBC (2013) Dick Cheney: heart implant attack was credible. Retrieved from http://www.bbc.co.uk/news/technology-24608435
BBC (2017) Ethical hackers to boost NHS cyber-defences. Retrieved from http://www.bbc.co.uk/news/technology-42137409
Callaham J (2014) A (very) brief history of Windows XP. Retrieved from https://www.neowin.net/news/a-very-brief-history-of-windows-xp
Cunningham D, Cunningham M, Donkor A, Linker N, Murgatroyd F (2017) National audit of cardiac rhythm management devices. Retrieved from http://www.ucl.ac.uk/nicor/audits/cardiacrhythm/documents/annual-reports/crm-devices-national-audit-report-2015-16_v2
DMCA Exemption Granted for Med Device Research, Patient Access to Data (2015.) Retrieved from https://clinic.cyber.harvard.edu/2015/10/27/dmca-exception-granted-for-medical-device-research-patient-access-to-data/
Erdogan O (2002) Electromagnetic interference on pacemakers. Indian Pacing Electrophysiol J 2(3):74–78. PMCID: PMC1564060
EU Directive 95/46/EC – The Data Protection Directive (n.d..) Retrieved from https://www.dataprotection.ie/docs/EU-Directive-95-46-EC-Chapter-2/93.htm
Fatal flaws in ten pacemakers make for Denial of Life attacks (2016.) Retrieved from https://www.theregister.co.uk/2016/12/01/denial_of_life_attacks_on_pacemakers/
Finkle J (2016) J&J warns diabetic patients: Insulin pump vulnerable to hacking. Reuters. Retrieved from https://www.reuters.com/article/us-johnson-johnson-cyber-insulin-pumps-e/jj-warns-diabetic-patients-insulin-pump-vulnerable-to-hacking-idUSKCN12411L
Fu K, Blum J (2013) Controlling for cybersecurity risks of medical device software. Commun ACM 56(10):35–37
Gillard D (2017) Living with a Pacemaker. British Heart Foundation, pp 4–20
Giry D (2017) Keylength. Retrieved May 19, 2018, from https://www.keylength.com/en/4/
Glisson WB, Andel T, McDonald T, Jacobs M, Campbell M, Mayr J (2015) Compromising a medical Mannequin. Comput Res Repository arXiv:1509.00065
Goode L (2015) Anonymous and the political ethos of hacktivism. Pop Commun 13(1):74–86
Halperin D, Heydt-Benjamin TS, Ransford B, Clark SS, Defend B, Morgan W, Fu K, Kohno T, Maisel WH (2008) Pacemakers and implantable Cardiac Defibrillators: software radio attacks and zero-power defenses. IEEE Symp Secur Priv
Hatmaker T (2016) FDA issues new security guidelines so that your pacemaker won’t get hacked. Retrieved from https://techcrunch.com/2016/12/28/fda-issues-new-security-guidelines-so-that-your-pacemaker-wont-get-hacked/?guccounter=1#
Horton H (2016) Contactless card owners warned against public transport scanner hack. The Telegraph. Retrieved from https://www.telegraph.co.uk/technology/2016/02/17/if-you-have-a-contactless-card-watch-out-for-this-scam/
Implantable cardioverter defibrillator (n.d.). Retrieved from https://www.bhf.org.uk/heart-health/treatments/implantable-cardioverter-defibrillator
Barnaby Jack (2017.) Retrieved from https://en.wikipedia.org/wiki/Barnaby_Jack
Jamming & Radio Interference: Understanding the impact. (n.d.) The Institute of Engineering and Technology. https://doi.org/10.1049/etr.2012.9002
Kobie N (2017) The quantum clock is ticking on encryption – and your data is under threat. Retrieved from http://www.wired.co.uk/article/quantum-computers-quantum-security-encryption
Lam B (2017) NHS cyber attack: views from the front line. Pharm J. Retrieved from https://www.pharmcaceutical-journal.com/opinion/qa/nhs-cyber-attack-views-from-the-front-line/20202794.article
New York Post (2016) Yes, pacemakers can get hacked. Retrieved from http://nypost.com/2016/12/29/yes-pacemakers-can-get-hacked
Nitta Y (2013) Japan’s approach towards international strategy on cyber security cooperation. Retrieved September, 13, p 2014
Nohe P (2018) FDA: 465,000 Pacemakers need a firmware update. Retrieved https://www.thesslstore.com/blog/fda-465000-pacemakers-need-a-firmware-update/
O’Connor MC (2010) Study finds RFID readers may affect pacemakers, but pose no urgent risk. Retrieved from http://www.rfidjournal.com/articles/view?7307
Oh I (2015) Anti-Abortion hackers claim to have stolen data that could take down planned parenthood. Mother Jones
Pacemakers (n.d..) Retrieved from https://www.bhf.org.uk/heart-health/treatments/pacemakers
Pournouri S, Craven M (2014) E-business, recent threats and security countermeasures. Int J Electron Secur Digit Forensics 6(3):169–184
Saini H, Rao YS, Panda TC (2012) Cyber-crimes and their impacts: a review. Int J Eng Res Appl 2(2):202–209
Seals T (2018) Abbott addresses life-threatening flaw in a half-million pacemakers. Retrieved May 19, 2018, from https://threatpost.com/abbott-addresses-life-threatening-flaw-in-a-half-million-pacemakers/131709/
Secure by Design: Improving the cyber security of consumer Internet of Things Report (pp. 4–27, Rep.) (2018). Department for Digital, Culture, Media & Sport. Retrieved from https://www.gov.uk/government/publications/secure-by-design
Spring T (2017) Wireless ‘BlueBorne’ attacks target billions of bluetooth devices. Retrieved May 15, 2018, from https://threatpost.com/wireless-blueborne-attacks-target-billions-of-bluetooth-devices/127921/
Wendling P (2017) Abbott hit with $9.9 million class-Action over St Jude devices. Medscape. Retrieved from https://www.medscape.com/viewarticle/886026
What is remote monitoring (n.d..) Retrieved from http://www.medtronic.com/us-en/patients/treatments-therapies/remote-monitoring.html
Yuce MR, Islam MN (2016) Review of medical implant communication system (MICS) band and network. ICT Express 2(4):188–194. https://doi.org/10.1016/j.icte.2016.08.010
Zetter K (2015) Medical devices that are vulnerable to life-threatening hacks. Retrieved from https://www.wired.com/2015/11/medical-devices-that-are-vulnerable-to-life-threatening-hacks/
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Beavers, J., Pournouri, S. (2019). Recent Cyber Attacks and Vulnerabilities in Medical Devices and Healthcare Institutions. In: Jahankhani, H., Kendzierskyj, S., Jamal, A., Epiphaniou, G., Al-Khateeb, H. (eds) Blockchain and Clinical Trial. Advanced Sciences and Technologies for Security Applications. Springer, Cham. https://doi.org/10.1007/978-3-030-11289-9_11
Download citation
DOI: https://doi.org/10.1007/978-3-030-11289-9_11
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-11288-2
Online ISBN: 978-3-030-11289-9
eBook Packages: Computer ScienceComputer Science (R0)