St. Jude Medical has issued security updates for its Merlin remote monitoring system, which are designed to fix flaws that could make its pacemakers vulnerable to hacking. According to a report in the Washington Times, certain pacemakers, defibrillators and other products manufactured by St. Jude are reportedly vulnerable to “cyber security intrusions and exploits,” the U.S. Food and Drug Administration warned consumers. The affected devices all use radio frequency signals to transmit and receive personalized data between the inside of a patient’s body and a nearby monitoring station.
By hijacking those transmissions, it is possible for hackers to remotely execute malicious commands that could affect the device’s ability to function properly. FDA officials said hackers could have also harnessed the flaws to quickly deplete the battery power in a patient’s pacemaker, which would, of course, prove lethal. St. Jude said in a statement that all medical devices using similar remote monitoring are exposed to similar risks of cyber attacks. However, they say, patients can fix these affected products by installing the newly released security updates.
Implants Are Still Vulnerable
These updates were apparently issued five months after Muddy Waters, a short-selling firm, issued a report that St. Jude’s devices could be hacked with “potentially catastrophic attacks.” Muddy Waters predicted that St. Jude would be forced to recall several products. However, that didn’t happen because St. Jude downplayed those findings. Muddy Waters issued a statement saying that the announcement of these security updates effectively vindicates their allegations and predictions.
They said if they hadn’t gone public, St. Jude might not even have come up with the updates to fix the security vulnerabilities. They also say the fixes still do not address many of the larger problems including the existence of a universal code that could allow hackers to control the implants.
Protecting Devices from Hackers
It is a fact today that billions of devices, from fitness trackers and home appliances to baby monitors and medical devices are connected as part of a rapidly expanding “Internet of things.” But many such devices were developed without security considerations making them prime targets for hackers. If you have a device, any device, that is capable of connecting to the Internet or shares information over a wireless network in your home, it is vulnerable to a cyber attack.
Hackers can do a lot of damage from remotely disabling a car to toying with medical devices. You could prevent becoming a victim by being aware of what you are connecting to the Internet and thinking about whether it is necessary. The software on a device and the network it connects to must be secured. If your device comes with a default password, make sure you change it. It is also important to change the password on your wireless network at home. Use complex passwords to make sure that your device cannot easily be hacked.
If a device comes with a default password, make sure you change it. You should also change the password on your wireless network at home. Use complex passphrases to ensure your device is not easily hacked. If you have become a victim of a cyber attack due to a product manufacturer’s negligence, contact an experienced class action attorney to obtain more information about pursuing your legal rights.