If you or someone you know uses a pacemaker from Abbot or St Jude Medical, there is a firmware upgrade waiting for you at your next check-up. Or even sooner, depending on what you and your doctor decide. This upgrade closes a security hole that could allow an unauthorized person or attacker to change programming on the pacemaker. This vulnerability can lead to sudden loss of battery power, an increase or reduction in the pacer timing, or deliver unexpected defibrillation shocks. These commands could be sent over the radio connection these pacemakers use to communicate with their base station and the doctor.
We have spent some time reporting about the massive cybersecurity nightmare that is the “Internet of Things.” The list of devices that have been successfully hacked include web cameras, environmental control systems, home network hubs, Internet and wireless routers, and automobiles. This is only a partial list, but you can use your imagination to figure out why attacks on these devices may be bad for your health.
The issue with the pacemakers was discovered by security researcher MedSec back in September 2016. As is often the case, instead of thanking the researchers, SJM sued them. Once the FDA investigated and confirmed the report, St Jude dropped the lawsuit and worked on fixing the problem. The main issue was the use of weak 24-bit RSA encryption used in authentication, and the use of a hard-coded 3 byte override code. These issues are being addressed in the firmware update. There is a very low risk of failure (0.62%) and when these updates have failed in the past, they were successfully upgraded on a second attempt. So a very low risk factor.
Here’s the list of affected devices:
- Fortify Assura
- Quadra Assura
- Quadra Assura MP
- Unify Assura
- Unify Quadra
- Promote Quadra
There are no known cases where a pacemaker has been taken over by an unauthorized person, so far. The upgrade procedure can be done in the doctor’s office without surgery, lasts about 3 minutes, and may cause brief discomfort. During the upgrade, the device runs in backup mode at 67 beats per minute, and would be unable to respond to a cardiac event that occurred during the upgrade. This not a should do, but a must do, so check with your cardiologist and find out what your treatment plan is for this upgrade.