- WORLD EDITIONAustraliaNorth AmericaWorld
Investing News NetworkYour trusted source for investing success
- Lithium Outlook
- Oil and Gas Outlook
- Gold Outlook Report
- Uranium Outlook
- Rare Earths Outlook
- All Outlook Reports
- Top Generative AI Stocks
- Top EV Stocks
- Biggest AI Companies
- Biggest Blockchain Stocks
- Biggest Cryptocurrency-mining Stocks
- Biggest Cybersecurity Companies
- Biggest Robotics Companies
- Biggest Social Media Companies
- Biggest Technology ETFs
- Artificial Intellgience ETFs
- Robotics ETFs
- Canadian Cryptocurrency ETFs
- Artificial Intelligence Outlook
- EV Outlook
- Cleantech Outlook
- Crypto Outlook
- Tech Outlook
- All Market Outlook Reports
- Cannabis Weekly Round-Up
- Top Alzheimer's Treatment Stocks
- Top Biotech Stocks
- Top Plant-based Food Stocks
- Biggest Cannabis Stocks
- Biggest Pharma Stocks
- Longevity Stocks to Watch
- Psychedelics Stocks to Watch
- Top Cobalt Stocks
- Small Biotech ETFs to Watch
- Top Life Science ETFs
- Biggest Pharmaceutical ETFs
- Life Science Outlook
- Biotech Outlook
- Cannabis Outlook
- Pharma Outlook
- Psychedelics Outlook
- All Market Outlook Reports
FDA Warns of Potential Medical Device Cybersecurity Defects
According to the regulatory agency, it is not known exactly which devices could potentially be impacted by URGENT/11 vulnerabilities.
The US Food and Drug Administration (FDA) issued a warning on Tuesday (October 1) regarding the possibility of cybersecurity attacks on software that powers certain medical devices.
According to Armis Security, 11 device vulnerabilities, dubbed URGENT/11, allow hackers to gain complete control of devices remotely and without outside interference.
The FDA states that this kind of attack can alter the function of devices, as well as deny service and leak information — essentially resulting in device malfunction.
URGENT/11 vulnerabilities are found in a third party software called IPnet, which is used across a wide range of industrial and medical devices. IPnet was developed by Interpeak, which Wind River Systems acquired in 2006. IPnet is a software that allows computers to communicate over a network; it can be integrated into other software applications and systems.
The affected operating systems include: VxWorks by Wind River, Operating System Imbedded by ENA and ThreadX by Microsoft (NASDAQ:MSFT). The vulnerabilities may not be found in all of these examples.
Suzanne Schwartz, deputy director of the office of strategic partnerships and technology innovation at the FDA’s Center for Devices and Radiological Health, said that the agency hasn’t been notified of patients who may have been exposed to any kind of cybersecurity attack. However, she expressed that any such attack “could be significant.”
“It’s important for manufacturers to be aware that the nature of these vulnerabilities allows the attack to occur undetected and without user interaction,” Schwartz said. “Because an attack may be interpreted by the device as a normal network communication, it may remain invisible to security measures.”
According to the FDA, many medical device manufacturers are evaluating which devices may be impacted, while others have notified customers of potentially affected products, including imaging systems, infusion pumps and anesthesia machines.
While the exact number of devices potentially impacted is not clear, the FDA said devices with at least one of the vulnerabilities will be made known.
The FDA will continue developing ways to properly address cybersecurity-related issues throughout the duration of a medical device’s life. This includes working closely with researchers and developers in addition to government-related bodies.
According to a report from Research and Markets, the medical device security market will reach US$6.59 billion by 2023, up from US$4.36 billion in 2018. This represents a compound annual growth rate of 8.6 percent during the forecast period.
As data breaches continue posing threats at a global scale, impact on the healthcare sector is no surprise. Research and Markets says drivers of the the medical device security market include a rise in cyberattacks in the healthcare industry, an increase in the geriatric population and chronic disease management, government regulations and the demand for connected medical devices.
Tuesday’s FDA announcement comes ahead of an FDA medical device software regulation strategy seminar, which is expected to take place in Philadelphia, Pennsylvania, in November.
Research and Markets states that the seminar will focus on education on the agency’s recent medical device regulation strategies, as well as on malicious hacks and how to deal with software issues.
Don’t forget to follow us at @INN_LifeScience for real-time updates!
Securities Disclosure: I, Jocelyn Aspa, hold no direct investment interest in any company mentioned in this article.
Investing News Network websites or approved third-party tools use cookies. Please refer to the cookie policy for collected data, privacy and GDPR compliance. By continuing to browse the site, you agree to our use of cookies.