From pacemakers to insulin pumps, discover five FDA-approved medical devices with documented security vulnerabilities still inside patients today.
Hyle Editorial
These aren't hypothetical scenarios from a cyberpunk novel. These are FDA-cleared, physician-prescribed devices with documented security vulnerabilities — currently inside patients. In 2017, the FDA recalled 465,000 pacemakers due to firmware vulnerabilities that could allow attackers to drain battery life or modify pacing. In 2019, a security researcher demonstrated he could kill a patient from 300 feet away by hacking their insulin pump. Yet today, an estimated 10-15% of the 50 million Americans with implantable medical devices carry hardware with known, unpatched security flaws.
The medical device industry operates on 10-15 year product cycles, meaning devices designed in 2010—with the security standards of 2010—are still being implanted in 2024. When a critical vulnerability is discovered, you can't simply uninstall a pacemaker. The patient must undergo invasive surgery or live with the risk. This is the fundamental tension of connected healthcare: the same wireless capabilities that enable remote monitoring and life-saving interventions also create attack surfaces that malicious actors can exploit.
In 2011, security researcher Jay Radcliffe discovered that certain Medtronic insulin pumps could be reprogrammed wirelessly without authentication. By intercepting and replaying radio frequency (RF) signals operating at 916 MHz, an attacker could command the pump to deliver its entire insulin reservoir—typically 300 units—in a single bolus dose.
The lethal dose threshold for insulin is approximately 100-200 units for an adult. A compromised pump could deliver 2-3x the lethal dose within minutes.
Attack Vector
The pumps used a proprietary wireless protocol with no encryption and no authentication handshake. The attack required:
Equipment: Software-defined radio (SDR) dongle (~$20)
Proximity: Within 30 meters of the target
Technical skill: Moderate (script-kiddie level with available tools)
The RF communication followed a predictable frequency-hopping pattern, making interception trivial for anyone with basic RF engineering knowledge.
[!INSIGHT] The attack surface was not in the software but in the protocol design. Medtronic optimized for battery life and form factor, treating the RF channel as a trusted environment. This assumption violated the fundamental security principle: never trust the channel.
Current Status
Medtronic issued a "security notification" but not a full recall. Patients were advised to enable the "maximum bolus limit" feature—a software configuration that caps single-dose insulin delivery. However, this feature is disabled by default and requires patients to navigate complex menu systems to activate.
As of 2024, an estimated 50,000+ vulnerable pumps remain in active use. The FDA has not mandated a recall, citing the low probability of attack versus the medical necessity of the devices.
2. St. Jude Medical (Abbott) Pacemakers and ICDs
The Vulnerability
In 2017, the FDA issued a Class II recall affecting 465,000 implantable cardioverter-defibrillators (ICDs) and cardiac resynchronization therapy defibrillators (CRT-Ds) manufactured by St. Jude Medical (now Abbott). The devices contained vulnerabilities in their Merlin@home remote monitoring system.
The Merlin@home transmitter, which patients keep beside their beds, communicates with the implanted device via RF at 402-405 MHz (the MedRadio band). The transmitter then uploads data to St. Jude's servers via cellular or landline connection.
Attack Vector
Researchers at Medsec identified two critical vulnerabilities:
Lack of RF authentication: The pacemaker accepted commands from any transmitter broadcasting the correct frequency and protocol—no cryptographic verification required.
Merlin@home firmware update mechanism: The home monitoring unit downloaded firmware updates via unencrypted HTTP, enabling man-in-the-middle attacks.
“We can induce 300 beats per minute ventricular tachycardia, drain the battery in hours, or disable life-saving shock therapy entirely.”
— Medsec researchers, 2016 White Hat security conference
The mathematical model for battery drain attack is straightforward:
Where $\text{Current}_{\text{attack}}$ represents the elevated current draw from continuous malicious RF communication. Normal pacemaker current: 20-30 μA. Under attack conditions: up to 10 mA—a 333x increase.
Current Status
Abbott developed a firmware patch and deployed it through physician offices. Patients had to visit their cardiologist for a 3-minute in-clinic update. The patch rate as of 2019: approximately 68%. The remaining ~150,000 devices remain vulnerable. No surgically implanted devices were exchanged—the firmware update was sufficient.
3. Baxter Infusion Pumps
The Vulnerability
Baxter's Sigma Spectrum infusion pumps administer medications, chemotherapy drugs, and nutrients intravenously in hospital settings. In 2015, the FDA issued a safety communication warning that these pumps could be remotely accessed and controlled by attackers on the same network.
The pumps run a modified Windows CE operating system with default credentials and no network segmentation requirements.
Attack Vector
The attack chain identified by researchers:
| Step | Action | Access Level Gained |
| --- | --- | --- |
| 1 | Access hospital Wi-Fi (often open or weakly secured) | Network access |
| 2 | Scan for port 5000 (Baxter default) | Device discovery |
| 3 | Connect using default credentials (admin/admin) | Drug library control |
| 4 | Upload malicious drug library | Dose modification |
A malicious drug library could redefine the "standard dose" of morphine from 2mg to 200mg—a lethal override that would appear legitimate to nursing staff.
[!INSIGHT] The vulnerability stemmed from a failure to apply the principle of least privilege. The pumps assumed that any device on the hospital network was trusted, reflecting a pre-2010 network architecture philosophy. Modern segmentation would isolate medical devices on dedicated VLANs with strict access controls.
Current Status
Baxter issued patches and network security guidelines. However, a 2022 survey of 200 U.S. hospitals found that 34% still had at least one unpatched Baxter pump connected to clinical networks. The average hospital has 10-15 infusion pumps per bed, meaning a 500-bed facility could have 7,500 vulnerable endpoints.
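For the segmentation point above, the following added example (not from the article or from Baxter) audits firewall flow records for traffic that should never reach a pump on a properly isolated VLAN. The log format, the addresses, the VLAN range and the allowlisted drug-library server are constructed assumptions; only port 5000 comes from the article.

```python
import ipaddress

PUMP_VLAN = ipaddress.ip_network("10.20.0.0/24")     # assumed dedicated pump VLAN
ALLOWED_MGMT = {ipaddress.ip_address("10.20.0.10")}  # assumed drug-library server
PUMP_MGMT_PORT = 5000                                # port named in the article

# Constructed sample: timestamp, source, destination, destination port, action
SAMPLE_FLOWS = """\
2024-03-01T08:00:01 10.20.0.10 10.20.0.51 5000 ALLOW
2024-03-01T08:02:17 10.50.3.77 10.20.0.51 5000 ALLOW
2024-03-01T08:02:19 10.50.3.77 10.20.0.52 5000 ALLOW
2024-03-01T08:05:40 10.20.0.33 10.20.0.51 5000 ALLOW
2024-03-01T08:06:02 10.50.3.12 10.20.0.52 443 DENY
bad line
"""

def audit(flow_text):
    """Return (timestamp, src, dst, reason) for allowed flows that break segmentation."""
    findings = []
    for line in flow_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue                      # skip malformed records
        ts, src, dst, port, action = parts
        try:
            src_ip = ipaddress.ip_address(src)
            dst_ip = ipaddress.ip_address(dst)
            port = int(port)
        except ValueError:
            continue
        if dst_ip not in PUMP_VLAN or action != "ALLOW":
            continue                      # only traffic that actually reached a pump
        if src_ip not in PUMP_VLAN:
            findings.append((ts, src, dst, "cross-VLAN traffic reached a pump"))
        elif port == PUMP_MGMT_PORT and src_ip not in ALLOWED_MGMT:
            findings.append((ts, src, dst, "management port from non-allowlisted host"))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_FLOWS):
        print(*finding)
```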
4. Johnson & Johnson Animas OneTouch Ping Insulin Pump
The Vulnerability
The Animas OneTouch Ping, discontinued in 2019 but still used by approximately 30,000 patients, featured a wireless remote control for insulin dosing. The remote-to-pump communication used an unencrypted RF protocol at 916 MHz.
Attack Vector
A determined attacker could:
Eavesdrop: Capture RF transmissions between the remote and pump using an SDR
Replay: Resend the captured "deliver insulin" command
Amplify: Repeat the command multiple times
“The device communicates in clear text with no encryption, authentication, or integrity checking.”
— Johnson & Johnson official security advisory, 2016
The company acknowledged the vulnerability but noted that an attack would require "high technical skills and proximity." Security researchers countered that the required equipment cost less than $100 and the attack could be automated.
Current Status
Johnson & Johnson recommended that patients:
Limit the remote's maximum bolus dose
Disable the remote feature entirely
Manually verify insulin delivery on the pump screen
No hardware recall was issued. Patients who rely on the remote feature (those with visual impairments or limited dexterity) face a difficult choice between security and accessibility.
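The replay weakness described for both the Medtronic and Animas pumps comes from dose frames that carry no authentication and no freshness value. As an added example (not code from the article or from either manufacturer), the receiver below rejects replayed or altered frames using an HMAC tag and a monotonic counter, and also enforces a maximum bolus limit; the frame layout, key and 10.0 U cap are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-pairing-key"  # assumption: per-device key set at pairing
MAX_BOLUS_TENTHS = 100                 # assumption: 10.0 U cap, in tenths of a unit
TAG_LEN = 16                           # truncated HMAC-SHA256 tag length in bytes

def build_command(key, counter, units_tenths):
    """Remote side: frame = counter (4 bytes) | dose (2 bytes) | tag."""
    body = struct.pack(">IH", counter, units_tenths)
    return body + hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]

class PumpReceiver:
    def __init__(self, key, max_bolus_tenths=MAX_BOLUS_TENTHS):
        self.key = key
        self.max_bolus = max_bolus_tenths
        self.last_counter = 0  # a real device would keep this in non-volatile memory

    def handle(self, frame):
        if len(frame) != 6 + TAG_LEN:
            return "reject: malformed"
        body, tag = frame[:6], frame[6:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            return "reject: bad tag"
        counter, units = struct.unpack(">IH", body)
        if counter <= self.last_counter:
            return "reject: replay"
        self.last_counter = counter  # consume the counter even if the dose is refused
        if units > self.max_bolus:
            return "reject: over bolus limit"
        return f"deliver {units / 10:.1f} U"

def demo():
    pump = PumpReceiver(KEY)
    frame = build_command(KEY, 1, 25)
    results = [pump.handle(frame)]            # genuine 2.5 U command
    results.append(pump.handle(frame))        # same frame captured and resent
    altered = frame[:4] + struct.pack(">H", 3000) + frame[6:]
    results.append(pump.handle(altered))      # dose field changed in transit
    results.append(pump.handle(build_command(KEY, 2, 3000)))  # authentic, over cap
    return results

if __name__ == "__main__":
    print(demo())
```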
5. Neural Implants (The Emerging Frontier)
The Vulnerability
While no brain-computer interface (BCI) has been successfully hacked in a patient, security researchers have demonstrated theoretical attacks on experimental neural implants. The attack surface is unprecedented: direct access to neural tissue.
Potential Attack Vectors
Consider the threat model for a deep brain stimulation (DBS) device treating Parkinson's disease:
Parameter manipulation: DBS devices deliver electrical pulses at specific frequencies (130-180 Hz), amplitudes (1-5V), and pulse widths (60-450 μs). Modifying these parameters could:
Induce movement disorders
Cause cognitive impairment
Trigger emotional dysregulation
Neurodata extraction: BCIs transmit neural recordings externally. An attacker could intercept this data, potentially revealing:
Pre-symptomatic neurological changes
Emotional states and thought patterns
Responses to stimuli (useful for interrogation or manipulation)
Closed-loop disruption: Next-generation BCIs use feedback loops—sensing neural activity and adjusting stimulation in real-time. Disrupting this loop could cause oscillatory instability:
Where $I_{stim}(t)$ under attack conditions could introduce chaotic dynamics into the membrane potential equation.
[!NOTE] The FDA's 2024 guidance on cyber devices requires manufacturers to submit Software Bill of Materials (SBOM) and vulnerability disclosure policies. However, the guidance does not mandate pre-market penetration testing for neural implants, which are classified as Class III devices requiring PMA (Premarket Approval).
Current Status
Companies like Neuralink, Synchron, and Blackrock Neurotech are developing BCIs with varying levels of security architecture. Academic researchers have called for "security by design" principles, including:
Hardware-enforced rate limiting on stimulation changes
Cryptographic signing of all parameter updates
Air-gapped fallback modes that require physical proximity
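The first principle in the list above, rate limiting on stimulation changes, can be modelled in software as an added example (not code from the article or from any BCI vendor). The parameter ranges are the ones quoted earlier in this section; the per-change step ceilings and the 60-second minimum spacing are assumptions, and a real device would enforce the gate in hardware.

```python
# Ranges quoted in the article for DBS pulses; steps and interval are assumptions.
LIMITS = {"freq_hz": (130, 180), "amp_v": (1.0, 5.0), "pulse_us": (60, 450)}
MAX_STEP = {"freq_hz": 10, "amp_v": 0.5, "pulse_us": 30}  # assumed per-change ceiling
MIN_INTERVAL_S = 60                                        # assumed minimum spacing

class StimulationGate:
    """Accepts a parameter update only if it is in range, small, and not too soon."""

    def __init__(self, initial):
        self.current = dict(initial)
        self.last_change = float("-inf")  # no change applied yet

    def request(self, new, now):
        """Return (accepted, reason); state changes only when every check passes."""
        if now - self.last_change < MIN_INTERVAL_S:
            return False, "too soon after last change"
        for name, value in new.items():
            if name not in LIMITS:
                return False, f"{name} unknown parameter"
            low, high = LIMITS[name]
            if not low <= value <= high:
                return False, f"{name} outside configured range"
            if abs(value - self.current[name]) > MAX_STEP[name]:
                return False, f"{name} step too large"
        self.current.update(new)          # applied atomically after all checks
        self.last_change = now
        return True, "applied"

def demo():
    gate = StimulationGate({"freq_hz": 130, "amp_v": 2.0, "pulse_us": 90})
    return [
        gate.request({"amp_v": 2.4}, now=100),    # small change, accepted
        gate.request({"amp_v": 2.6}, now=110),    # 10 s later, refused
        gate.request({"amp_v": 5.0}, now=200),    # in range but a 2.6 V jump
        gate.request({"freq_hz": 200}, now=300),  # above the 180 Hz ceiling
    ]

if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```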
The Regulatory Gap and Patient Reality
The FDA's post-market surveillance system for cybersecurity vulnerabilities, established in 2016, relies primarily on manufacturer self-reporting. From 2016-2023, the FDA database recorded 1,243 medical device cybersecurity incidents, but independent researchers estimate the actual number is 5-10x higher.
The fundamental problem is economic: medical devices cost $10,000-$150,000 to develop and certify. Adding robust security (hardware security modules, encrypted RF, secure boot chains) can increase costs by 15-30%. In a competitive market with thin margins and liability shields, manufacturers prioritize clinical functionality over security.
Key Takeaway
The pacemaker problem is ultimately a patient problem. When security vulnerabilities are discovered in consumer electronics, users can update, replace, or dispose of the device. When vulnerabilities are discovered in implantable medical devices, patients must choose between surgical removal (with infection risk, anesthesia complications, and recovery time) or living with a device that could theoretically be compromised. The medical device industry has not meaningfully addressed this asymmetry, and current FDA frameworks provide no mechanism to mandate security updates without manufacturer cooperation.
Sources: FDA Medical Device Safety Communications (2015-2024); Medsec Research, "Pacemakers and ICDs: Security Analysis" (2016); Radcliffe, J., "Hacking Medical Devices" (Black Hat 2011); US Department of Homeland Security, ICS-CERT Medical Device Advisories; Johnson & Johnson Security Advisory AN2016-001; Baxter Healthcare Security Bulletins; Journal of Medical Internet Research, "Cybersecurity in Medicine" (2022); NIST Cybersecurity for IoT Program, Medical Device Profile.