Article
Cyber Security

FDA warns of cybersecurity risk with insulin pumps

By Vikki Davies
September 21, 2022
undefined mins
The US Food and Drug Administration has warned that certain types of insulin pump systems manufactured by Medtronic are vulnerable to cyberattack.

The US Food and Drug Administration (FDA) is alerting medical device users about a cybersecurity risk for the Medtronic MiniMed 600 Series Insulin Pump System. There is a potential issue associated with the communication protocol for the pump system that could allow unauthorised access to the pump system. If unauthorised access occurs, the pump’s communication protocol could be compromised, which may cause the pump to deliver too much or too little insulin. 

The FDA says the MiniMed 600 series pump system has components that communicate wirelessly (such as the insulin pump, continuous glucose monitoring (CGM) transmitter, blood glucose meter, and CareLink USB device). For unauthorised access to occur, a nearby unauthorised person (person other than you or your care partner) would need to gain access to your pump while the pump is being paired with other system components.

The FDA says is not aware of any reports related to this cybersecurity vulnerability.

Medtronic issued an Urgent Medical Device CorrectionExternal Link Disclaimer to inform medical device users of this cybersecurity risk and included actions and recommendations for users to take.

The FDA said in a statement:  "We are working with Medtronic to identify, communicate, and prevent adverse events related to this cybersecurity vulnerability. 

"All legally-marketed medical devices have benefits and risks. The FDA clears, authorises, and approves devices to be marketed when there is a reasonable assurance that the devices are safe and effective for their intended use.

"Medical devices are increasingly connected to the Internet, hospital networks, and other medical devices to provide features that improve health care and increase the ability of health care providers to treat patients. These same features also increase potential cybersecurity risks. Medical devices, like other computer systems, can be vulnerable to security breaches, potentially impacting the safety and effectiveness of the device.

"Threats and vulnerabilities cannot be eliminated and reducing cybersecurity risks is especially challenging. The health care environment is complex, and manufacturers, hospitals, and facilities must work together to manage cybersecurity risks."

CybersecurityHealthcarecybercrimecyberattack
Share
Share
Author
Vikki Davies

Featured Articles

Norton: Report Highlights Rising Trend of AI Dating Scams

Norton report shows that as AI becomes more sophisticated and accessible, so do the risks of romantic scams conducted via AI

Barracuda: Why Businesses Struggle to Manage Cyber Risk

Barracuda Networks CIO report shows that six in 10 businesses struggle to manage cyber risk, with issues such as policy struggles and management buy-in

Evri, Amazon and Paypal Among Brands Most Used by Scammers

With the development of AI, cybercriminals are becoming more and more sophisticated in their attacks, using fake websites and impersonating popular brands

Tech & AI LIVE: Key Events that are Vital for Cybersecurity

Technology & AI

MWC Barcelona 2024: The Future is Connectivity

Technology & AI

AI-Based Phishing Scams Are On The Rise This Valentine’s Day

Cyber Security