Pacemakers and Blood Glucose Monitors Vulnerable to Cyber Attacks

The United States Food and Drug Administration sent out an alert on Tuesday regarding “Sweyn Tooth”. This affects health professionals and manufacturers to a group of 12 cybersecurity vulnerabilities. This allows unauthorized access by users that can potentially infiltrate devices like pacemakers and blood glucose monitors. These breaches can affect functionality.

The vulnerability has been found associated with technological communication known as Bluetooth Low Energy. This allows for two devices to exchange information and perform their functions while preserving the longevity of the battery.

The FDA has not confirmed any events related to the vulnerabilities in the systems, but they currently aware of certain manufacturers affected by them. Those among them are Texas Instruments, Cypress, Telink Semiconductor, NXP, and Dialog Semiconductors.

The Department of Homeland Security has released that the affected medical devices that may be compromised may include pacemakers, blood glucose monitors, and anything that uses BLE SDKs (software development kits).

The FDA is recommending that the manufacturers evaluate and monitor any unusual behaviors with their devices. It may be necessary for new software patches to be developed for these devices.

The patches that they are recommending are not likely to significantly change the devices themselves or how they operate. It should only address the vulnerabilities that are possible due to the Sweyn Tooth.  These would most likely not need premarket review by the FDA prior to implementation. If there were to be changes needed to the devices themselves to thwart off an attack, that would require a premarket review by the FDA.

This is becoming a topic more addressed by legal firms, especially those that specialize in medical device and technology regulation. They see that the FDA seems to be localizing its efforts on the higher-risk products.

The challenge is making sure that the FDA doesn’t flood the market with these potential threats and decrease the ones that really matter.

CloudWedge