Contact Contact Us

750,000 Heart Defibrillators Prone to Hijack

Medical device maker Medtronic has warned that its heart defibrillators are prone to manipulation, which may result in life threatening situation for users. The flaw resides in the devices' wireless radio frequency (RF) component that fails to implement encryption and authentication. An attacker within the devices' proximity can therefore intercept the RF communication and manipulate the defibrillators implants. About 750,000 heart defibrillators are affected and Medtronic is developing software updates to address the vulnerabilities.

References:
[1] Security Bulletin March 21, 2019: Conexus™ Telemetry and Monitoring Accessories (PDF)
[2] Cybersecurity Vulnerabilities Affecting Medtronic Implantable Cardiac Devices, Programmers, and Home Monitors: FDA Safety Communication
[3] Medtronic Conexus Radio Frequency Telemetry Protocol

Ensign InfoSecurity Singapore
30A Kallang Place
#08-01
Singapore 339213

Tel: +65 6788 2882
Fax: +65 6788 3883