Johnson Johnson Warns that Insulin Pump Could be Vulnerable to HackersOct 12, 2016
Johnson & Johnson is advising patients that hackers could exploit a cyber security bug in one of its insulin pumps to overdose diabetic patients with insulin. Johnson & Johnson describes the hacking risk as low.
Medical device experts say this may be the first time a manufacturer had issued such a warning to patients about a cyber vulnerability, Reuters reports. The vulnerability to hacking has been a concern in the medical device industry following recent revelations about possible vulnerabilities in pacemakers and defibrillators.
Though J&J executives said they knew of no examples of attempted hacks, the company is warning users of the J&J Animas OneTouch Ping insulin pump of the danger and advising them how to fix the problem, according to Reuters. In letters mailed out Monday to doctors and about 114,000 pump users in the United States and Canada, J&J wrote, "The probability of unauthorized access to the OneTouch Ping system is extremely low."
A Johnson & Johnson spokesman told NBC News that the OneTouch Ping pump is 12 years old and that newer devices have more security. A hacker would have to be within 25 feet of the device to affect the signal, according to Reuters.
A month ago, a cyber security research firm went public with allegations of potentially life-threatening cyber vulnerabilities in heart devices from St. Jude Medical Inc. Though St. Jude said the allegations were false, the U.S. Food and Drug Administration (FDA) began an investigation. The FDA is preparing to release formal guidance on how medical device makers should handle reports about cyber vulnerabilities. J&J said it reviewed the matter with the FDA before sending the letter to doctors and pump users.
An early draft of the FDA guidance calls for device makers to work with security researchers, identify steps to mitigate risks, and provide patients with information about bugs so they can "make informed decisions" about device use. J&J executives told Reuters that they worked on the security problems with Jay Radcliffe, a diabetic and a well-known medical-device hacking researcher with the cyber security firm Rapid7 Inc. Radcliffe reported vulnerabilities in the pump to the company in April.
An insulin pump attaches to the patient's body and injects insulin through catheters, Reuters explains. The Animas OneTouch Ping has a wireless remote control so that the patient can direct the pump to inject insulin without having to access the pump itself. The pump is often worn under clothing and therefore can be awkward to reach.
Radcliffe said he identified ways for a hacker to spoof communications between the remote control and the OneTouch Ping insulin pump, potentially forcing the pump to deliver unauthorized insulin injections. Too much insulin could cause hypoglycemia- low blood sugar-which can be life threatening, according to Brian Levy, chief medical officer with J&J's diabetes unit. Company technicians were able to replicate Radcliffe's findings, confirming that a hacker could order the pump to dose insulin from a distance of up to 25 feet, though Levy said such attacks are difficult to do because they require specialized technical expertise and sophisticated equipment. Radcliffe believes OneTouch Ping users would be safe if they follow the steps outlined in J&J's letter, Reuters says.
According to the Mayo Clinic, symptoms of hypoglycemia tend to come on quickly. Symptoms include dizziness, shakiness, sweating, hunger, irritability or moodiness, anxiety or nervousness, headache. It is important for a person with diabetes to recognize his or her usual symptoms of hypoglycemia and act promptly before the condition becomes dangerous.