UPDATED 03:03 EDT / OCTOBER 06 2016

NEWS

Johnson & Johnson warns diabetics its connected insulin pumps could be hacked

One of Johnson & Johnson’s insulin pumps could be hacked to overdose diabetic patients, the company has warned patients.

The company sent a letter to patients warning of a security vulnerability, though it described the risk as low, according to Reuters.

It’s another example of the potential of the Internet of Things to come under attack. Possibilities include the potential for digitized weapons to be controlled by hackers, and more recently there has been speculation about the possibility connected vibrators getting controlled.

A threat or a possibility?

The warning is less of a threat than it is a caveat emptor. According to Reuters, which broke the story, J&J are merely telling users of the Animas OneTouch Ping insulin pump – 114,000 in the U.S. – that a hack is possible, rather than they have a tip-off the devices are under attack.

The article states that this is the first time a medical company has released a statement warning users about cyber vulnerabilities. The government, however, has in the past issued such warnings. In 2013 the FDA said that more than 300 products were at risk from cyber-attack including, “Insulin pumps, implantable cardioverter defibrillators, anesthesia devices, drug infusion pumps, ventilators, and pacemakers.”

Understandably, hacking a device that keeps you alive is something a user should be worried about. Lately a report talked about the possibility of “catastrophic” attacks on pacemakers and defibrillators, but so far such deadly attacks have been nothing more than simulations. One such simulation involved the now deceased (some say murdered) hacker Barnaby Jack killing a mannequin by hacking its wireless insulin pump.

Concerning the J&J pump, Reuters reported that a cyber-security researcher had found a way to hack the pump in question, after which he published his findings on his blog. The researcher, Jay Radcliffe, told Reuters, “The system is vulnerable because those communications are not encrypted, or scrambled, to prevent hackers from gaining access to the device.”

Radcliffe is now working with J&J to diminish the threat of attacks.

Photo credit: photopin cc

Since you’re here …

… We’d like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.

If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.

Cookies

We employ the use of cookies. Find out more.