Medtronic Insulin Pump Security
Recently, the Associated Press ran an article about research presented at a computer security conference regarding the security of insulin pumps. We know this has been discussed quite a bit on Twitter and blogs such as Six Until Me and Scott Hanselman’s Computer Zen this weekend so today we thought we’d take the opportunity to answer a few questions about the security of Medtronic insulin pumps.
First and foremost, should I be worried about wireless tampering of my Medtronic insulin pump?
No. After reviewing the research presented last week, we believe the risk of deliberate, malicious, or unauthorized manipulation of medical devices is extremely low. Therefore, we do not see a reason to believe that this is an issue of concern for Medtronic customers.
Why shouldn’t I be concerned?
- Medtronic takes very seriously the issue of information security of devices. It’s an integral part of the very fabric of our product design processes.
- Thanks to Medtronic’s information security measures, we strongly believe it would be extremely difficult for a third-party to wirelessly tamper with your insulin pump.
- To our knowledge, there has never been a single reported incident of wireless tampering outside of controlled laboratory experiments in more than 30 years of device telemetry use, which includes millions of devices worldwide.
- The controlled laboratory experiment highlighted in the Associated Press article is the first and only such report we have seen.
- After reviewing the research presented last week, we discovered that the researcher was only able to “hack” his own pump using in-depth knowledge about the product, such as the serial number of both the insulin pump and remote device. He also TURNED ON the wireless feature and had access to specialized equipment which he used to rebroadcast the RF signal in a controlled environment.
We have been and will continue to be vigilant in reviewing the external security landscape, designing our products with information security in mind and creating rigorous, complex safeguards which will help ensure product security.
However, if in the very remote chance someone manipulated your pump by tampering with the wireless transmission to deliver a bolus of insulin that you did not want to receive, your pump would play back a series of tones to confirm the size of the bolus. So, you would be able to detect tones on the insulin pump that weren’t intentionally programmed and could intervene accordingly.
The researcher in the article was unable to manipulate his CGM. However, in the very remote chance someone was ever able to find a way to do so, our CGM labeling requires you to confirm the sensor glucose reading with a fingerstick measurement prior to making any type of therapy decisions. So, you would have the opportunity to investigate any type of discrepancy caused by wireless tampering.
Is there really anything Medtronic can do to “prevent” manipulation of devices?
Technology is constantly evolving and Medtronic is continually incorporating measures to maintain information security, while ensuring our devices meet their intended purpose of improving and extending lives.
We understand that there are no absolute certainties in information security. However, we also know that being vigilant in reviewing the external security landscape, designing our products with information security in mind and creating rigorous, complex safeguards will help ensure product security.
We also recognize there are people who focus on manipulation of devices – medical and otherwise. Our job is to incorporate information security measures into our designs, vigilantly monitor potential threats and to always be proactively finding ways to make our devices more secure for you. That is what we have done and what we will continue to do.
I’m still worried. Is there anything I can do to prevent someone from wirelessly tampering with my pump?
Again, to our knowledge, there has never been a single reported incident of wireless tampering outside of controlled laboratory experiments in more than 30 years of device telemetry use, which includes millions of devices worldwide.
However, if you’re still concerned about wireless tampering, you can remove any uncertainty by turning OFF the wireless communication on your device. For instructions, and information about what functionalities will and will not be available if you turn off wireless communication, see your user guide or call the 24-Hour HelpLine at 1-800-646-4633.
Any other questions? Just let us know.
x
Share this Blog with a Friend
Archive
Innovating for life.
Comments
Michael Ziedman
Posted on Tue Aug 09 20:24:08 GMT 2011
Thanks...a well-craftted post..I can tell a lot of thought went into the response. After reading the AP article, my general thoughts were the same but good to see as usual that Medtronic is aware and very responsive to new "developments", etc...
Mike
Mike Morris
Posted on Fri Aug 12 16:35:24 GMT 2011
This security issue was discussed in a thread at diabetes forums. Interesting hacker possibilities maybe.
Another issue that came up recently was the pump's lack of a default setting for bolus mode. Currently the forced default =last bolus mode. It would be VERY helpful would be a setting that allowed the user to select a default from a dropdown with these options:
Last Bolus
Normal Bolus
Dual Wave Bolus
Square Wave Bolus
This would prevent the serious highs that result from a rarely used dual wave followed by a bolus where the user just expects his normal bolus and doesn't push act enough to start the bolus on dual.
Mike
Amanda
Posted on Mon Aug 15 22:47:00 GMT 2011
Thanks for the feedback, Mike - we'll pass along to product development
Susan Cox
Posted on Sat Aug 20 13:16:02 GMT 2011
Please add my vote to this feature.
Thank you for posting on The LOOP!
We'll review your comment shortly. Please see our comment policy if you have any questions.
~The LOOP Team