Medical Device Cyber Failures Become Fatal | Ep. 52

In this episode of the Med Device Cyber Podcast, hosts Trevor Slattery and Christian Espinosa of Blue Goat Cyber delve into the serious and often life-threatening consequences of medical device cybersecurity vulnerabilities. They move beyond theoretical risks to discuss documented incidents where software flaws and security breaches have resulted in tangible patient harm and, in some cases, death. The hosts argue that understanding this history is crucial for appreciating why regulatory bodies like the FDA are now enforcing stricter cybersecurity requirements, treating digital security as a fundamental component of patient safety on par with traditional safety measures like sterility and biocompatibility. A significant portion of the discussion centers on the 2017 WannaCry ransomware attack, which they identify as a major catalyst for the modern era of medical device cybersecurity regulation. Slattery and Espinosa explain how this widespread, non-targeted attack crippled hospital operations globally by encrypting critical systems and medical devices, forcing a return to manual processes and delaying urgent patient care. They detail why healthcare organizations are such frequent targets for ransomware: the immense value of stolen patient data and the critical, life-or-death nature of their services create immense pressure to pay ransoms quickly. The conversation also explores the downstream effects, where even unaffected hospitals and patients suffer when central systems, like insurance providers, are taken offline, preventing payments and reimbursements. Beyond ransomware, the hosts examine more direct and targeted threats. They recount the famous case of former Vice President Dick Cheney, whose doctors disabled the wireless functionality on his implantable defibrillator out of fear that it could be hacked for a targeted assassination attempt—a threat later proven possible by security researchers. This leads to a discussion of other proven vulnerabilities, such as those demonstrated by researcher Barnaby Jack in drug infusion pumps, which could be remotely manipulated to deliver lethal overdoses. The episode concludes by touching on modern challenges, including safety failures in AI-powered therapy agents, further blurring the line between software error and security risk. The overarching message is that past incidents are not just stories; they are the driving force behind the necessary, albeit challenging, evolution toward a more secure MedTech landscape.

Trevor: Hello and welcome back to another episode of the Med Device Cyber Podcast. Trevor: We're here, your cohosts Trevor Slattery and Christian Espinosa, and today we're going to talk about some situations and incidents that have come up where medical device hacks or medical device vulnerabilities and problems have led to direct tangible harm or in many cases even death against individuals. Trevor: It's definitely a very serious topic. There's a lot that can go wrong within the medical space, so we want to make sure that A, we're learning lessons of course from all of these areas and understanding what we can do in collaboration with the regulators to make sure that this isn't happening anymore. Trevor: First, I'll check in with you. How are you doing Christian today? I know, uh, you've been on a pretty crazy travel schedule, so just settling down and back home in Phoenix for what, one day, two days? Christian: Uh, I just got back from Singapore on Sunday. I was there for eight days, so I felt like I finally got acclimated to their schedule. Christian: And now I'm here for, I was here, gonna be here for one day, but I changed the flight, so I'm here for three days. So, not enough time to get acclimated here, and then I'm heading to Europe uh, tomorrow, actually. Trevor: Perfect. Well, yeah, at least get a little bit of respite moving it to three days as opposed to one day. Christian: Well I need a little bit of time to catch up on a few things and, uh, you know, actually enjoy my condo. I feel like I'm paying for this condo but I'm never here. Trevor: Well, talking about some of the issues that we've seen come up with medical devices, there's some definitely deep history on vulnerabilities, incidents that have come up where there's been tangible patient harm. Trevor: Actually one of the events that really drove some of the modern cybersecurity requirements that we see today home was a ransomware attack in 2017, the WannaCry ransomware attack where a lot of medical devices were affected, hospital operations screeched to a halt, and that started to underline the importance of cybersecurity within these products. So Trevor: there are new breaches, there are new problems, there are new events and everyone sees ransomware on the news, it feels like every other day something is getting ransomware'd. Trevor: But the regulators are trying to make an effort to stop some of this from happening. So, we can start a little bit about talking about what WannaCry was for anyone unfamiliar and then go into some more of the incidents that we've seen. So Trevor: for background on how this comes up, ransomware, everyone would be familiar with, it's something that is non-targeted, it's a non-targeted virus. It gets into a computer and it spreads into everything. Trevor: Uh, it goes to any connected computers, encrypts all the information so that nothing is accessible. The attackers steal a copy of it, they threaten to release it into the public if someone does not pay a ransom. Trevor: Now, when they're stealing this information from a hospital, this is going to contain extremely sensitive records. This is going to have a lot of patient information, often times payment information as well, so it's very, very valuable to attackers. That's why hospitals are so commonly ransomed. Trevor: WannaCry was an especially dangerous version of that, happened in 2017. And like I said, that really acted as the catalyst for some of these regulators to start kicking up the, raising the bar with cybersecurity. Christian: You have to think about it if you're a hospital, and I, I saw an episode of, I used to watch this show Chicago Med? a-but they actually had a ransomware attack in there. Christian: And the hospital didn't know what to do and patients were, were basically dying because they couldn't, an ambulance would show up and they couldn't intake the patient. Uh, all the systems were down. So one of the doctors actually paid the ransom out of his own pocket because the hospital didn't have a policy for it. Christian: And I think that that episode, I think it's called Chicago Med, is that show, uh, was pretty much based on reality from my experience. Trevor: Yeah. When that happens, when ransomware hits a healthcare delivery organization, there's not that much that can be done anymore. Trevor: We are in an extremely online world. Um, the overwhelming majority of medical products are now internet connected. Anything relating to payment, anything related to record storage, anything related to even note taking is often going to be entirely online or digitally stored. Trevor: Obviously there are tons of advantages for that. I mean, we look at the fact that we're in a podcast recording right now with me being in California and you being in Arizona. Awesome advantages to this technology, but when it goes down, everything goes down. Trevor: Even, um, recently there was this ransomware attack against United Healthcare. Uh, I believe it was United. There was a, uh, insurance provider that had a ransomware incident and people were not able to get reimbursed and people were not able to pay for their services even at unaffected hospitals. So the downstream effect of ransomware can be extremely severe, and yeah, not too unrealistic there, often times you can't intake new patients, everything switches back to a manual system. Trevor: Often times, even the climate control would be on a, you know, automated digital system and if that's struck by ransomware, it can be fully taken offline. So it's a very severe downstream effect. Christian: So one of the questions I hear, or debates, is no patients have ever died because of a cyberattack. What what are your what is your perspective on that? Trevor: So this argument, it can be difficult to directly attribute harm to a cybersecurity attack. Uh, this has since changed, uh, earlier this year, towards the end of last year, they were starting to do some deep dives into an attack for a ransomware attack against NHS blood centers in the UK. Trevor: And they were able to prove if that attack had not happened, patients that had died would have been able to receive treatment that would have saved their lives. Instead, they were unable to receive transfusions, they were unable to receive treatment in time, and they ended up unfortunately dying because they could not receive this due to the ransomware blocks. So that argument has become fairly recently uh, definitively unproven, though there is always speculation on what is the actual downstream effect of ransomware. Trevor: You can say, well, with that, that breach mentioned earlier around insurance providers. If insurance providers are shut down, some people might not be able to pay for treatments that they would have otherwise needed. Could you attribute that ransomware attack to any negative effects that come up to that individual? How far does that connection go? Trevor: So while it can be hard to have a direct attribution without cases such as this NHS incident, the downstream effects can cause significant harm, significant distress, and in cases, even death to individuals where there is a ransomware attack against healthcare delivery organizations. Christian: And this is why the FDA and other regulatory bodies are putting more scrutiny on medical devices. Trevor: Exactly. So, when we're looking at why someone is attacking a medical device, now we always talk about ransomware. It is the most efficient method to attack hospitals. They're big, they're a lot of devices, they're often, it just takes one thing that was unprotected for a ransomware operator to get in. Trevor: So, it's usually a very high return on investment for the criminals as opposed to trying to attack, say a law firm where the information is a lot less sensitive, uh it may be a smaller attack surface for them to cover. Hospitals are usually just considered the holy grail for ransomware and for ransomware operators and it's why they're one of the, if not the most, attacked industry there. Christian: What's also the risk, right? Because a law firm, so they can't conduct law like a couple days like what does it matter. A hospital though, if it's ransomware'd, the risk is super high to the patients, uh and there may be patient lives at stake. So they, the hospital is forced to do something with about it much quicker than like a law firm, like the scenario you gave. Trevor: Exactly. Yeah, law firms can often wait and try to negotiate down to a better deal. They can get a ransomware negotiator involved with the process, and hospitals oftentimes are going to be forced to make a decision within a matter of hours. Trevor: Now very often it will be a requirement to have insurance in case of ransomware attacks specifically for this reason, so that it doesn't go into this in-depth negotiation. You know, the insurance provider of course tries to negotiate, but if it comes to heads, generally the way out of it is to pay the ransom and leave. Trevor: It's a very it's an awful escape considering the only reason ransomware operators continue to try these attacks is because the ransoms get paid. But when we're dealing with patient life, patient safety, it's such a difficult decision, do we try to hold our ground and see if they'll back off, or do we get back to normal operation and potentially save lives that may have been lost. Generally, of course, prioritizing the patient's lives, prioritizing the safety of those individuals has to be the priority. So unfortunately paying the ransomware operators does propagate that industry, but it protects the lives of the individuals that would have otherwise been affected. Christian: What are some other uh, cybersecurity attacks on medical devices that are different than outside the scope of ransomware that have occurred historically or recently? Trevor: So one example that this attack did not explicitly occur, but it was theorized to occur and then proven to be possible was Dick Cheney had, I believe it was a pacemaker or maybe a defibrillator. Christian: Uh defibrillator, a pacemaker just keeps the pace of your heart, but a defibrillator could actually shock you. Trevor: Okay. So he had this device, an implantable device within his heart that was, you know, keeping him going, keeping him alive. Trevor: He, the device had remote connectivity capabilities. This was, you know, once, once we were starting to make that shift to companion apps for medical devices where we had a little bit more of a network connectivity going on. But Dick Cheney theorized that someone could try to assassinate him through the pacemaker. What if someone could remotely connect to it and shut it off, or change the pacing of it and cause them to have a heart attack, whatever that problem might be. Someone could influence the operation of it. Trevor: Now he ended up having it removed and replaced with a version where he did not feel this was a present risk. Trevor: After the fact, down the line, security researchers did uncover a lot of common vulnerabilities in pacemakers such as the one that he had. Very famously, um pacemakers put out by Medtronic were exposed to a cyber security vulnerability where someone could with no authentication, no permission, connect into it and change the way that they worked with a simple tool that sends out a Bluetooth connection or I believe it was a radio frequency connection. Bluetooth doesn't always work super well for implantable devices. The signal has a hard time leaving tissue. But for radio frequency, it often works a lot better. Trevor: Uh, this was another kickstarter to say, hey, there are a lot of problems that can be in place here. And the bigger concern there would be more of a targeted assassination. Different from ransomware, you aren't trying to find the lowest hanging fruit and let something proliferate through a network. You're saying, this individual, I know has this pacemaker and I understand how to control this pacemaker, therefore, I could harm this person directly with an attack. Trevor: Now for your average everyday person, this isn't a super realistic scenario. Of course, you know, there are situations where something awful like that can happen. But for anyone, for a politician, for anyone in this higher position of, you know, public spotlight or more controversial opinion as politicians often are, this is a very serious risk that something could happen to them and with a pretty difficult to pin down understanding of how it happened. So, there can be very significant risks involved there as far as compromising an individual's implantable device. Christian: There's an episode of that series Homeland where they actually, uh, shocked someone, I think it was to death in Homeland based on what happened to Dick Cheney or what the theory was with Dick Cheney. Trevor: Especially once it was proven to be a possible attack against people with those pacemakers, it then became a little bit of a, it was a a spotlighted problem for a while, especially for Medtronic when it was disclosed that their pacemakers had this vulnerability. There was a widespread recall. Trevor: And understanding a recall for a pacemaker is a lot different from a recall for your laptop or your car. You don't have to take the laptop or the phone or whatever it is out of your body that doesn't require surgery. So avoiding these problems ahead of time and trying to get on top of security before this comes up, especially for products like that is extremely, extremely important. Christian: And there was a case with the drug infusion pumps for a while, had a a major flaw, a lot of them had been recalled as well where the hacker, I believe his name was Barnaby Jack, proved that he could wirelessly connect to a drug infusion pump, uh which is a pump that controls the flow rate of some sort of intravenous drug that you're being administered. Christian: and he could increase the flow rate, stop the flow rate, pretty much do whatever he could wanted to do with that pump. And he demonstrated this in an event where there was a dummy and he increased the flow rate and the theory was if this person was being administered something like morphine and you maxed out the flow rate, that you could kill the patient. Christian: Uh, but then I think he was about to present something else at a Black Hat Black Hat event and ironically, uh, supposedly OD'd the day before the presentation, it's a little bit of controversy about the whole episode, the whole situation. Trevor: Yeah. And that was a, that was another device from uh Medtronic. I feel like they've had a couple of... Yeah, the, I think it was the Medtronic Minimed Pump. Christian: Okay, I thought there's a Hospira one, a Hospira one as well. Trevor: It could be. It's, before these regulations got tighter, it was the wild west and especially digging up some of the vulnerabilities present in these legacy devices. They're, there can be some pretty significant risks there. And so yeah, it's not an uncommon problem, and frankly it just wasn't at the front of anyone's mind until people like Barnaby Jack started talking more about it, until they started putting it into movies and TV shows and then finally when WannaCry was really the catalyst to get the ball rolling on some of these activities. But yeah, it it wasn't something that people were consciously thinking of for a long time. And so that's why cyber security before 2023 in medical devices for the FDA was sparse to say the least. Christian: Yeah. It's an interesting thing because my wife's father-in-law has a pacemaker and a defibrillator implanted. Christian: And I was with him one day and I was like scanning to see if I could pair my phone Bluetooth with it and I was, it didn't come up, but I was, if I don't have all the tools with me like Med Radio, but I was thinking, man, if I was like some way determined, I could probably do something here. Trevor: Yeah. And especially, you know, moving from your phone, your phone is going to have pretty surprising capabilities as far as what it can connect to, but when we're conducting penetration tests, we'll use a lot of very specific targeted radio frequency tools or for Bluetooth testing really, really precise and targeted antennas that give us a lot more control over that. Trevor: And these tools, these aren't, you know, these aren't some big secret where you have to go and spend thousands and thousands of dollars to get some enterprise grade hacking tool. Often times, they're $300. $300 to have a tool that can manipulate, control, change, modify, intercept, drop radio frequencies across the board. That is a very, very powerful tool, especially when interacting with these medical products where there can be such a high level of risk. So moving past, you know, just trying to see if there's something easy there, a moderately motivated attacker that has $300 to spend on a specific tool can get a lot further access. Christian: What other, uh, devices? I know there's the Therac 25 incident that happened in the 80s. That wasn't really a cyberattack, it was a software programming problem where if somebody, this is a, um, X-ray machine I believe, where somebody administered in the X-ray, the the button didn't show they administered, so they pushed the button over and over and over and overdose people with X-ray exposure or radiation exposure, I should say. Trevor: Yeah. And then, you know, understanding where is it between a security and between a software problem. I think part of what makes security unique in medical devices is we're focusing on patient harm as our primary metric. Trevor: So while there is not an explicit security concern if let's say an attacker walked up and hit that button 50 times and then delivered a ton of radiation in one go, we would consider that a major safety risk. So when we're trying to conduct an assessment against a product, that's likely something that we would see. We always try to try doing weird things. Send a bunch of input at once, see if it'll respond once or if it'll respond 20 times or if it won't respond at all. So if we see something like that, even though it's not a security risk, we'll probably stop and say, hey, this is something that we need to look at a little bit deeper. There's a big safety concern here that you should be aware of and we are actually going to write this up as a significant problem since we have to consider that safety and security blend there. Christian: Right. And there was a a case of recently with AI, uh, I I think AI is a little bit of a challenge in in Medtech, uh, specifically with certain use cases. Are you familiar with that case or I can talk about a little bit if unless you're already familiar with it. Trevor: Yeah, so, I believe we're talking about, um, there was a case recently where an AI therapy agent was working with a suicidal patient and the AI agent sort of flipped a switch and it ended up actively encouraging the patient to follow through with their suicidal ideations. Um, they ended up actually following through with that and they ended up committing suicide. Trevor: That goes back to obviously major, major safety concern there and seeing how can that be tied back to security? What could have been done to fix that and what could have been done to prevent that? AI is a very complicated problem to navigate due to how much complexity goes into training the AI, what happens with the output, what is happening with the processing within the AI? Are you using your own AI? Are you using someone else's model? Is this a wrapper around chat GPT? There's a lot that can go into that that makes it very difficult to fully cover. Christian: Yeah, for sure. And these are all like you said it's in terms of patient safety it could be a software error in normally it could be a cybersecurity attack like that the case we just went over with AI in the the therapy that was a problem with the AI model itself. Christian: But even if the model was better we could have still done a cyber attack to influence the AI therapeutics agent to convince the patient to kill themselves as well. So we have to look at that angle also. Trevor: Right. If an AI is doing that, it's typically because there aren't enough guard rails in place on what it is allowed to respond. So there is no guard rail saying that the AI needs to act in a benevolent and helpful manner, which would make sense to be uh just a minimum baseline for an AI assisting in therapy. Trevor: Not having these guard rails in place, not having these constraints around it. AI tools are very unpredictable. They do a lot of things and it's hard to guess exactly what that's going to be unless you very strictly control it and validate that there is nothing that the AI can do to get outside of these guard rails. Christian: I think we covered quite a few examples and why there's a push to have more scrutiny against any device that's a cyber device or has software in some way to connect to it because we have seen some cases where there's been harm to patients. Uh there's been patient death and it's becoming a a bigger deal today. And thankfully a lot of the regulatory bodies are are forcing or enforcing medical device manufacturers to do this due diligence because I kind of feel like without a compliance driver for cyber security, like nobody cares about it. Until there's an incident, then they kind of start caring about it, but it's always retroactively versus proactively. Trevor: Yep, exactly. Yeah, it is, uh, very often as I often say, cyber security is the necessary evil. It's not something that people want to do. It makes things more complicated, it makes things harder to use, but it's extremely important. When medical devices, it is going to provide assurance of safety, prevent ransomware attacks, prevent targeted assassinations, all of these potential risks that could come up with medical devices that sure, it's a difficult process to go through. There are a lot of changes and a lot of work that needs to be done to adhere to it, but this guarantees that we're putting out or not guarantees, but does our best effort to ensure that we're putting out quality and safe products. Christian: Yeah, and I guess the silver lining is there have been some incidents, but we are doing as a Medtech ecosystem. We're taking the right steps to make improvements so these things don't happen again. I know it's totally new that a lot of Medtech innovators are getting frustrated because this is new, but ultimately it's a step in the right direction. Just like biocompatibility, sterility and all these other things that have to be done for the sake of patient safety, we're finally considering cyber security. Trevor: Exactly. Yeah, it's we always talk about it as you can't treat it as a checklist approach to security due to how unique it is, but it is ultimately, you know, a box that needs to be ticked on your way to proving you have a quality, effective, and safe device before getting ready for the FDA or even for existing products. Christian: Any, uh, last words of wisdom? We're coming up on time here. Trevor: I think it is very important that we learn from what has happened in the past. Understanding where these require understanding what used to happen as a driving factor for these requirements shines a little bit of light on why we actually have to treat these as critical items, why this is so important since, you know, you could even think of it as something like say the polio vaccine. And a lot of people say, well, you never see polio anymore. And you go, yeah, there's a good reason for that. So hopefully we get to a world where people say I don't get why we need cyber security. We never see ransomware anymore and you go, yeah, there's a reason. Christian: Well I think we're pretty far from that world, but that would be a nice uh utopia, right? It wouldn't be good for us. so we wouldn't have a lot of work to do because it'll already be taken care of. But uh I think we've got uh a hundred plus years before we get there. Trevor: Yeah, probably. Christian: Well thanks everyone for tuning in. I hope you found value in this episode. And uh the good news is we are shifting in the right direction and making sure devices are more secure today than they ever were in the past. And even the legacy devices, we're going back and looking at those and making sure the risk is minimal to patients as well. So we are heading in the right direction in Medtech. And hopefully we see you on the next episode of the Med device cyber podcast. Talk to you uh next next week or the week after.