[ISN] Feds examining medical devices for fatal cybersecurity flaws

http://arstechnica.com/tech-policy/2014/10/feds-examining-medical-devices-for-fatal-cybersecurity-flaws/ By David Kravets Ars Technica Oct 23 2014 It was an eerie tale. Former US Vice President Dick Cheney announced last year that he disabled the wireless function of the implanted heart defibrillator amid fears it could be exploited by terrorists wanting to kill him. Cheney’s announcement put a face to the fear of possible medical-device hacking exploits, and researchers and the federal government were slowly realizing there were genuine vulnerabilities associated with these implanted devices. They are equipped with computerized functions and wireless capabilities that allow the devices to be administered without requiring additional surgery, and therefore they could be vulnerable to hacker exploit. Cheney’s move may have seemed far-fetched, but his paranoia is being confirmed, as the Department of Homeland Security is now probing potential cybersecurity flaws in certain medical devices. “The Department of Homeland Security’s (DHS) Industrial Control Systems-Cyber Emergency Response Team (ICS-CERT) works directly with the Food and Drug Administration (FDA) and medical devices manufacturers, health care professionals, and facilities to investigate and address cyber vulnerabilities. DHS actively collaborates with public and private sector partners every day to identify and reduce adverse impacts on the nation’s critical cyber systems,” DHS spokesman S.Y. Lee wrote Thursday to Ars. […]