Timeline: The industry gets serious about device hacking
Last month, Medtronic ($MDT) agreed to sit down with Jay Radcliffe, the man who, one year before, got a cold shoulder from the company after he revealed that his insulin pump could be hacked.
It was a change in tune for the big-time devicemaker, and Medtronic's shift is indicative of the industry as a whole, as regulators, watchdogs and many devicemakers seem to be taking quite seriously the often tenuous security of medical devices.
With that in mind, we teamed up with FierceCIO TechWatch to bring you an interactive timeline that illustrates how things have changed over just a few years. Back in 2010, The New England Journal of Medicine published an article warning that hackers may target implantable medical devices--in 10 years. At the time, Medtronic described the risk as "extremely low."
In the ensuing years, however, the chorus has grown too loud for the industry to ignore. Kevin Fu, of the University of Massachusetts, demonstrated that some pacemakers could easily be hacked to deliver a fatal charge, and Radcliffe, using a radio frequency, was able to interfere with his insulin pump. Eventually, higher powers took notice. The Department of Homeland Security issued a warning to the FDA about device software security, and a federal advisory board urged the agency to start vetting the source code of candidate techs to ensure they're secure.
While the industry has hardly solved the problem today, Medtronic's willingness to talk openly about it, and the FDA's recent move to look harder at mobile software, are signs of progress. Begging for public-private collaboration in biotech is something of a tired refrain nowadays, but safer devices won't come about on their own; it's going to take an honest dialogue between devicemakers, academics and regulators.