Cybersecurity


  • Becton Dickinson logo
    Image attribution tooltip
    Permission granted by Becton Dickinson

    Vulnerability of BD’s infusion pumps flagged by US cybersecurity agency

    An attacker with physical access to the device could exploit the vulnerability to change the configuration settings or disable the pump.

    By Dec. 5, 2022
  • Team of surgeons operating on patient in hospital - stock photo Four doctors in hospital operating room with patient lying on operating table. Surgical lights shining on medical team performing operat
    Image attribution tooltip
    Johnny Greig via Getty Images

    Here are 10 of the biggest medtech stories of 2022

    MedTech Dive reporting this year has explored how companies maintained momentum even amid supply shortages and rising inflation rates.

    By MedTech Dive staff • Dec. 3, 2022
  • Picture of a cybersecurity lock
    Image attribution tooltip
    iStock via Getty Images

    HHS cybersecurity center warns of new ransomware threat

    Venus ransomware has attacked targets worldwide, including at least one U.S. health group, since it was first identified in mid-August.

    By Nov. 14, 2022
  • A sign for the Food And Drug Administration is seen outside of the headquarters on July 20, 2020 in White Oak, Maryland.
    Image attribution tooltip
    Sarah Silbiger via Getty Images

    FDA seeks feedback on plans to draft and finalize medical device guidance in 2023

    The agency’s review includes guidance on transitioning away from emergency use authorizations, while abandoning plans for guidance on software as a medical device.

    By Oct. 19, 2022
  • GE advances healthcare spinoff plan, providing close look at workings of the unit

    Localization requirements, third-party servicers, and more sophisticated data security threats are cited as risks to the healthcare unit.

    By Oct. 13, 2022
  • Image of a cervical cell testing machine, the BD Totalys™ MultiProcessor
    Image attribution tooltip
    Courtesy of Becton, Dickinson and Company

    BD discloses cybersecurity vulnerability in cervical cytology processing machine

    The company is advising users to address the threat by restricting access to the instrument while it works on a software patch.

    By Oct. 6, 2022
  • Close up of hands typing on a keyboard illuminated in orange.
    Image attribution tooltip
    Sean Gallup/Getty Images via Getty Images

    Cyber risks identified in Canon Medical product used to view medical images, security firm says

    Vulnerabilities in Canon Medical’s Vitrea View product could provide access to patient information and other services, according to cybersecurity firm Trustwave Spiderlab.

    By Ricky Zipp • Updated Sept. 30, 2022
  • Image attribution tooltip
    Sarah Silbiger via Getty Images

    FDA makes case for ‘new regulatory paradigm’ amid hurdles in software-oversight program

    The agency seeks to tailor requirements based on the latest science, the benefits and risks posed by devices, their real-world performance and their contribution to promoting health equity.

    By Sept. 27, 2022
  • A Medtronics diabetes device
    Image attribution tooltip
    Courtesy of https://news.medtronic.com/MiniMed-R-670G-Hybrid-Closed-Loop-System#assets_34137_21-122

    Medtronic issues urgent notice about MiniMed insulin pump system vulnerability

    Unauthorized users could hack into the device while it’s being set up, and cause the pump to deliver too much or too little insulin, potentially resulting in outcomes including death.

    By Sept. 21, 2022
  • FBI headquarters
    Image attribution tooltip
    Mark Wilson/Getty Images via Getty Images

    FBI warns of cyber risks from legacy medical devices

    Outdated device software can put data, patient safety and hospitals’ operations at risk, the top U.S. law enforcement agency warned.

    By Ricky Zipp • Sept. 15, 2022
  • A baxter spectrum infusion pump
    Image attribution tooltip

    Website of medical device sales form: https://spwindustrial.com/baxter-sigma-spectrum-infusion-pump-s-w-ver-8-with-dual-antenna-wireless-batt/?gclid=Cj0KCQjwpeaYBhDXARIsAEzItbFttwA55ImqoesvcmNYfm6od_td4SGgOeNOqFOQohCiU_ci1yN-oHsaAqiFEALw_wcB

    Cybersecurity firm finds vulnerabilities in Baxter’s Sigma infusion pumps

    The weaknesses could allow attackers to access Wi-Fi data and make the device unavailable.

    By Updated Sept. 8, 2022
  • Individual types on a backlit keyboard.
    Image attribution tooltip
    Sean Gallup via Getty Images

    ‘Underfunded’ FDA falls short in ensuring medical devices protect against cyberattacks, experts say

    Medical device manufacturers argue the agency’s current rules on cybersecurity requirements are too restrictive and should be phased in gradually.

    By Aug. 11, 2022
  • Professional photo of Kevin Fu
    Image attribution tooltip
    Permission granted by Kevin Fu
    Q&A

    Friday Q&A: FDA’s former medical device cybersecurity director says more investment needed in staffing

    The FDA and medtech companies will need more cybersecurity staff to stay ahead of hackers, says Kevin Fu, who is now focused on building that workforce for the government, private sector and academia.

    By Aug. 5, 2022
  • A person receives a blood glucose reading through DarioHealth's smartphone app
    Image attribution tooltip
    Permission granted by DarioHealth

    Lack of payment pathway clarity hinders digital therapeutics, analysts say

    The report warns of a sector beset by payment issues, “snake oil” and “middling adoption.”

    By July 15, 2022
  • DHS warns cybersecurity vulnerabilities in Illumina software could affect test results

    Three of the flaws outlined by the Department of Homeland Security received the highest risk score. Vulnerabilities could allow attackers to remotely alter the results generated by Illumina products.

    By June 6, 2022
  • DHS, homeland security
    Image attribution tooltip
    Photo illustration by Danielle Ternes/MedTech Dive; photograph by spainter_vfx via Getty Images

    BD's Pyxis medication dispenser gets fifth DHS cybersecurity alert in 5 years

    The company said there are no known public exploits that specifically target a password vulnerability and that it's working to address the problem.

    By June 1, 2022
  • Image attribution tooltip
    Sean Gallup via Getty Images

    Employees cause more cyber breaches in healthcare than other industries, report finds

    Employees were responsible for 39% of healthcare breaches last year. That's compared to 18% across all industries, according to new Verizon research.

    By Rebecca Pifer • May 27, 2022
  • Image attribution tooltip
    Stefan Zaklin via Getty Images

    House user-fees bill details clinical trial diversity, cybersecurity requirements

    The legislation would let the FDA bring in $1.78 billion in fee revenue from 2023 to 2027 to fund the review of medical devices. That amount could increase to $1.9 billion if the agency meets certain performance goals.

    By May 10, 2022
  • Image attribution tooltip
    Brian Tucker

    CDRH's Shuren expects center to return to normal this year despite ongoing COVID work

    Jeff Shuren, the director of the FDA's Center for Devices and Radiological Health, also stressed the need for increased cybersecurity and supply chain funding and authority during an event on April 29.

    By Ricky Zipp • May 2, 2022
  • Image attribution tooltip
    Sean Gallup via Getty Images

    Medtech survey finds widespread cybersecurity noncompliance despite rising investment

    Over 80% of respondents see device security as a competitive advantage and almost every company budgeted more money for it this year. However, 80% view the issue as a "necessary evil" imposed by regulators.

    By April 21, 2022
  • Suzanne Schwartz, Director of CDRH's Office of Strategic Partnerships and Technology Innovation
    Image attribution tooltip

    Image courtesy of FDA

    FDA official: Draft cybersecurity guidance has 'teeth'

    Not following the guidance in premarket submissions means potential delays for device makers, said Suzanne Schwartz, director of CDRH's Office of Strategic Partnerships and Technology Innovation.

    By April 11, 2022
  • Image attribution tooltip
    sturti/E+ via Getty Images
    Sponsored by Skyflow

    Going beyond HIPAA compliance is worthwhile

    Just because HIPAA doesn't require the use of data governance technology doesn't mean you can do without it.

    April 11, 2022
  • The sign identifying the FDA headquarters in front of its building in White Oak, Maryland.
    Image attribution tooltip
    Sarah Silbiger via Getty Images

    FDA clarifies cybersecurity recommendations for device makers in new guidance

    The draft guidance, which replaces a 2018 document, sets recommendations for how medical device companies should approach cybersecurity in premarket submissions and maintaining products throughout their lifecycle.

    By April 7, 2022
  • United States Senate Russell Office Building Rotunda
    Image attribution tooltip
    DK Fielding via Getty Images

    Senators drill down on rising user fees, cybersecurity and clinical trial diversity in MDUFA hearing

    While Tuesday's Senate hearing did not include FDA officials, lawmakers questioned industry groups as they consider the MDUFA V agreement that would increase the amount the agency can collect in fees from device makers.

    By April 6, 2022
  • CISA, cybersecurity, agency
    Image attribution tooltip
    Photo illustration by Danielle Ternes/MedTech Dive; photograph by yucelyilmaz via Getty Images

    CISA warns about cyber flaw in Philips MRI monitoring software

    Philips' e-Alert has a vulnerability that could allow an unauthorized user to remotely shut down the system, the U.S. Cybersecurity and Infrastructure Security Agency said in an advisory.

    By March 30, 2022