image credit: Pixabay

FDA issues alert on cybersecurity vulnerabilities in Medtronic devices

The issues were found in Conexus telemetry technology, which uses wireless radio frequency (RF) channels to enable Medtronic programmers and monitoring accessories to remotely transfer data from a patient’s cardiac device to a specific healthcare clinic.

Clinicians use the technology to display and print device information in real-time and programme implanted device settings.

Transmitted data is not encrypted and does not require authentication or authorisation. This could be exploited to enable an unauthorised individual to access and alter the devices.