Q&A: We Must Protect Bionic Bodies From Hacking, Says Kevin Fu

It’s time for manufacturers to get serious about cybersecurity for implanted medical devices

2 min read
Illustration of Kevin Fu.
Illustration: Jacob Thomas

human os icon

illustration of Kevin Fu Illustration: Jacob Thomas

As patients welcome neurostimulators, medical microbots, and other hardware into their bodies, they’re welcoming potential security flaws too. Kevin Fu, an associate professor of electrical engineering and computer science at the University of Michigan, says the medical device industry needs to get serious about cybersecurity now to ensure that life-saving technologies remain safe and trusted in the future.

IEEE Spectrum: Are medical device manufacturers considering security early enough in the design process?

Kevin Fu: Yes and no. Some manufacturers show up to meetings about improving medical device security and participate in good faith. The real problem is that some manufacturers still aren’t showing up.

Yet you and others have shown how medical devices can be compromised.

I don’t see any maliciousness. If you’re a manufacturer and some hacker comes and says the sky is falling, you’d probably laugh it off. The sensationalism has a negative impact. It distracts from the serious engineering.

The U.S. Food and Drug Administration issued the first cybersecurity guidelines for medical devices. What’s in them?

They’re the equivalent of hand washing in medicine—they’re the basics. Cybersecurity hand washing means you enumerate the risks, put in place technical controls to mitigate the risks you’ve identified, and make sure you have the ability to determine if those controls are working effectively. To security professionals this isn’t surprising, but to a biomedical engineer it really is groundbreaking.

What’s the biggest security threat to medical devices today?

The main risk is conventional malware that accidentally breaks into a medical device. That is not your sinister hacking plot. For example, the FDA got a report that a pharmaceutical compounder [a machine that makes liquid drugs] had Conficker, a rather old worm. It turns out the compounder was running Windows XP Embedded, a 10-year-old operating system. It was completely susceptible. This is classic hand washing: Imagine you haven’t washed your hands for 10 years and then you decide to pick your nose.

This article originally appeared in print as “Will Bionic Bodies Get Hacked?”

The Conversation (0)

Windows 11 Is Here, But Will It Run on Your PC?

Some of the actual beta testers will now have to downgrade to Windows 10

3 min read
Harry Campbell

Microsoft's Windows 11 is awesome. It also abandons millions of users.

The latest version of Microsoft's 36-year-old operating system began its rollout on 5 October 2021. Some eligible devices may not receive it until mid-2022. Still, there's a chance your PC will have the update by the time you read this.

If you have a new PC, that is. Windows 11 is a free upgrade, but in a break from past releases, Microsoft will exclude hundreds of millions of PCs that run Windows 10.

Keep Reading ↓ Show less

Drones to Attempt Rescue of Starving Dogs Stranded by Volcano

Authorities have granted permission for a drone company to try to airlift dogs on La Palma to safety

3 min read
Left: Leales.org; Right: Cabildo de La Palma en directo

For the past month, the Cumbre Vieja volcano on the Spanish island of La Palma has been erupting, necessitating the evacuation of 7,000 people as lava flows towards the sea and destroys everything in its path. Sadly, many pets have been left behind, trapped in walled-off yards that are now covered in ash without access to food or water. The reason that we know about these animals is because drones have been used to monitor the eruption, providing video (sometimes several times per day) of the situation.

In areas that are too dangerous to send humans, drones have been used to drop food and water to some of these animals, but that can only keep them alive for so long. Yesterday, a drone company called Aerocamaras received permission to attempt a rescue, using a large drone equipped with a net to, they hope, airlift a group of starving dogs to safety.

Keep Reading ↓ Show less

Emerging Trends in Wireless Infrastructure

Emerging Trends in Wireless Infrastructure

1 min read
Rohde & Schwarz

This paper describes the emerging infrastructure trends of wireless networks for 4G, 5G, and beyond 5G. These trends provide even more opportunities to service providers for network deployments, network customization, and network optimization. These key trends include (i) spectrum trends, (ii) densification & coverage extension methods, (iii) virtualization and cloudification, and (iv) network customization and intelligence.

Trending Stories

The most-read stories on IEEE Spectrum right now