Security News Over 8,600 Security Flaws Found in Pacemaker Systems

frogboy

In memoriam 1961-2018
Thread author
Verified
Top Poster
Well-known
Jun 9, 2013
6,720
Security researchers from WhiteScope have uncovered over 8,600 vulnerabilities in pacemaker systems and the third-party libraries used to power various of their components.
These issues are broad in nature and range from simple code bugs to terrible design choices that risk the life of their patients.
Researchers discovered these flaws in seven different products from four different manufacturers. These issues are detailed in depth in a report the team released earlier this week.
Most vulnerabilities are in third-party libraries

The focus on their research was on radio-controlled implantable devices such as pacemakers, Implantable Cardioverter Defibrillators (ICD), Pulse Generators, and Cardiac Rhythm Management (CRM) — collectively referred to as "pacemaker systems" in this article.
What researchers found is that most of these pacemaker systems worked on a similar architecture that included the actual implanted medical device, a home monitoring device, a cloud-based infrastructure that relayed data to a physician, and a pacemaker programmer, which the physician used to tweak the implant's settings.

Read More. Over 8,600 Security Flaws Found in Pacemaker Systems
 

Parsh

Level 25
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Dec 27, 2016
1,480
Came across a similar article on the discovered vulnerabilities in the morning. It's really said that such critical sectors have insufficient focus on security.
An MNC where I interned had some projects based on recent OSS like OpenICE where features and proper implementation are planned, however the in-depth analysis and covering the unobvious weaknesses were of least importance till the end. It's difficult to study or reveal potential security issues later on.
A proper study and mitigation of the used software/API etc, be it proprietary or open source, is damn important for what they will be used (medical industry). Securing devices and the loopholes are highlighted here and should be addressed soon before they invite trouble.
 

frogboy

In memoriam 1961-2018
Thread author
Verified
Top Poster
Well-known
Jun 9, 2013
6,720
Came across a similar article on the discovered vulnerabilities in the morning. It's really said that such critical sectors have insufficient focus on security.
An MNC where I interned had some projects based on recent OSS like OpenICE where features and proper implementation are planned, however the in-depth analysis and covering the unobvious weaknesses were of least importance till the end. It's difficult to study or reveal potential security issues later on.
A proper study and mitigation of the used software/API etc, be it proprietary or open source, is damn important for what they will be used (medical industry). Securing devices and the loopholes are highlighted here and should be addressed soon before they invite trouble.
It is a sad and annoying thing that this sort of vulnerbility should even exist. :(
 

DJ Panda

Level 30
Verified
Top Poster
Well-known
Aug 30, 2015
1,928
First a malware that makes me want to cry, now one that could kill me. How low can humanity get some times. :(
 
  • Like
Reactions: Fritz

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top