The medical industry is still facing an array of security challenges, but hospitals and healthcare providers are becoming more aware of the risks inherent in their environments.
Patches are available for three critical-severity remote code execution flaws that affect more than 150 devices, including medical imaging and laboratory products.
The Food & Drug Administration has appointed University of Michigan computer science researcher Kevin Fu to serve as the agency's Acting Director of Medical Device Cybersecurity.
Security researchers have demonstrated in the past how implanted medical devices such as insulin pumps and pacemakers can be compromised. A team from Virginia Polytechnic Institute and State University investigated how these devices could be used to compromise secure facilities used to work on classified information.
The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency warned in an advisory that cardio defibrillators from medical device company Medtronic can be modified while still implanted in patients. Without access control, the defibs can't differentiate between authorized and unauthorized instructions.