Cybersecurity: Page 2


  • A single opened padlock glows red among rows of closed blue padlocks.
    Image attribution tooltip
    JuSun via Getty Images

    Cybersecurity leads ECRI's list of top medtech hazards for 2022

    Cyber incidents can compromise patient care and attacks against hospitals have become more prevalent in recent years. However, ECRI said the worst consequences are preventable.

    By Jan. 18, 2022
  • Image attribution tooltip
    Sean Gallup via Getty Images

    FDA warns about Log4j cybersecurity vulnerabilities in medical devices

    The bugs in Apache's Java-based open source logging library could potentially allow unauthorized users to remotely impact the safety and effectiveness of device functionality, according to the agency.

    By Dec. 20, 2021
  • Image attribution tooltip
    Win McNamee via Getty Images
    Deep Dive

    Medical device security continues to be casualty of hospital-medtech divide

    FDA says manufacturers and hospitals are both responsible for protecting devices from growing cybersecurity threats. However, experts say healthcare providers carry a much heavier load.

    By Dec. 1, 2021
  • A single opened padlock glows red among rows of closed blue padlocks.
    Image attribution tooltip
    JuSun via Getty Images

    Cyber playbook sets out strategies for modeling threats to medical devices

    The FDA-funded guide arrives against a backdrop of calls from the agency for the medtech industry to step up its threat modeling throughout the device lifecycle in order to strengthen cybersecurity and patient safety.

    By Dec. 1, 2021
  • cyberattack, privacy, connection
    Image attribution tooltip
    Stock Photo via Getty Images

    Siemens software vulnerabilities potentially put millions of medical devices at risk

    A U.S. cybersecurity agency issued an alert about the vulnerabilities which could allow hackers to disrupt the operation of anesthesia machines and bedside monitors from multiple manufacturers.

    By Nov. 11, 2021
  • Image attribution tooltip
    Sean Gallup via Getty Images
    Deep Dive

    Will a software bill of materials help or hurt medical device cybersecurity?

    President Joe Biden's executive order calls for SBOMs, and the FDA wants to require premarket submissions to have an inventory of third-party device components. AdvaMed is concerned the data could be exploited by hackers.

    By Oct. 7, 2021
  • Medtronic expands 2 MiniMed insulin pump recalls on ring flaw, cyber risks

    The recalls have hit the medtech giant at a time when competitors Insulet and Tandem are ramping up in the insulin pump market and amid flagging sales in its diabetes unit.

    By Oct. 5, 2021
  • Image attribution tooltip
    Retrieved from AdvaMed on October 04, 2021

    MCIT, cyber, RWE and 3 more takeaways from AdvaMed's 2021 conference

    The medtech industry gathered virtually and in person for the lobby's annual conference, with topics ranging from the kill-off of the breakthrough device payment pathway to the pandemic upending CDRH's 2021 reset.

    Oct. 4, 2021
  • Ransomware attacks put availability of medical devices at risk: FDA cyber chief

    Industry reached a "watershed moment" earlier this year when a device outage caused by malware endangered patient lives, Kevin Fu, acting director of cybersecurity at CDRH said. "That was something we haven't seen before."

    By Oct. 1, 2021
  • Image attribution tooltip
    Max Pixel

    Quarter of providers saw mortality rates rise after ransomware attacks, survey finds

    Only 36% of healthcare organizations said they are effective in knowing where all their medical devices are, while just 35% indicated they know when a device's operating system is at end of life or out of date.

    By Rebecca Pifer • Sept. 24, 2021
  • FTC
    Image attribution tooltip
    Carol Highsmith. (2005). "Apex Bldg." [Photo]. Retrieved from Wikimedia Commons.

    FTC warns app makers fall under breach notification rule

    The agency noted that developers of health apps and connected devices are considered healthcare providers. Any unauthorized access, including sharing information without consent, would trigger the Health Breach Notification Rule.

    By Shannon Muchmore • Sept. 16, 2021
  • A sign for the Food And Drug Administration is seen outside of the headquarters on July 20, 2020, in White Oak, Maryland.
    Image attribution tooltip
    Sarah Silbiger via Getty Images

    FDA creates new office to drive forward digital transformation strategy

    Vid Desai, who will help lead the new Office of Digital Transformation, was also named as the agency's chief information officer. FDA is seeking an extra $75.9 million in the 2022 budget to support the modernization plan.

    By Sept. 16, 2021
  • Image attribution tooltip
    Permission granted by ECRI
    Q&A

    ECRI CEO: FDA, industry must revisit COVID-19 medical device EUAs as shortages ebb

    Marcus Schabacker spoke to MedTech Dive about patient safety, cyberattacks in healthcare and risks from the rise of at-home care.

    By Sept. 3, 2021
  • Image attribution tooltip
    Fotolia

    Outpatient facilities targeted for cyberattacks nearly as often as hospitals, data shows

    The number of breaches at healthcare organizations in the first half of this year was up significantly from the first half of last year, and higher than any six-month period since 2018, according to the Critical Insight report.

    By Hailey Mensik • Aug. 30, 2021
  • FDA warns of BlackBerry cyber vulnerability in medical devices

    The operating system is often deployed in devices such as cardiac and patient monitors, drug infusion pumps, imaging and surgical robots, according to Nick Yuran, CEO of security consultancy Harbor Labs.

    By Aug. 18, 2021
  • HIMSS21 header photo for health conference news
    Image attribution tooltip
    Adeline Kon/MedTech Dive
    Deep Dive

    Predicting the future of healthcare: 10 takeaways from HIMSS21

    Along with "guarded optimism" on the current state of the pandemic, some 19,000 on-site attendees in Las Vegas mulled what's next for AI, telehealth, cybersecurity, mental health and more.

    By Rebecca Pifer , Hailey Mensik • Aug. 17, 2021
  • A sign for the Food And Drug Administration is seen outside of the headquarters on July 20, 2020, in White Oak, Maryland.
    Image attribution tooltip
    Sarah Silbiger via Getty Images

    FDA seeks more power for medical device cybersecurity mandates

    CDRH wants to require medtechs to have a Software Bill of Materials ready upfront as part of a premarket submission, as well as the capability to update and patch device security into a product's design.

    By Aug. 17, 2021
  • Suzanne Schwartz, Director of CDRH's Office of Strategic Partnerships and Technology Innovation
    Image attribution tooltip

    Image courtesy of FDA

    Medtechs need to up their cybersecurity threat modeling game, FDA says

    The agency "will be looking for much more detailed and comprehensive" cyber threat models as part of premarket review, said Suzanne Schwartz, director of CDRH's Office of Strategic Partnerships and Technology Innovation.  

    By Aug. 13, 2021
  • Photo of health visual at cybersecurity HIMSS21
    Image attribution tooltip
    Rebecca Pifer/MedTech Dive

    Should healthcare organizations pay to settle a ransomware attack? Experts weigh in at HIMSS21

    "I don't think there's a single yes or no," said Michael Coates, former chief information security officer for Twitter.

    By Rebecca Pifer • Aug. 11, 2021
  • Cybersecurity priorities 2020
    Image attribution tooltip
    Yujin Kim/MedTech Dive

    Growing cyberattacks on hospitals may soon hit bottom lines, patient care: Fitch

    The increased use of smart monitoring devices, telehealth and other virtual care capabilities are putting patient data at risk, the report said. CT scanners and MRI machines were not necessarily designed with "cyber risk in mind."

    By Ron Shinkman • July 26, 2021
  • Image attribution tooltip

    FDA

    Q&A

    FDA wants to require timely updates, patches for legacy devices: cyber chief

    Kevin Fu, acting director of device cybersecurity, spelled out the agency's plans to protect aging devices from hackers. There's no current statutory requirement compelling manufacturers to address the problem.

    By June 30, 2021
  • cyberattack, privacy, connection
    Image attribution tooltip
    Stock Photo via Getty Images

    More than 1/3 of health organizations hit by ransomware last year, report finds

    Of those attacked, 65% said the criminals were successful in encrypting their data, according to the report from cybersecurity company Sophos.

    By Rebecca Pifer • June 24, 2021
  • Medicare lacks cyber oversight of hospitals' networked medical devices: OIG

    Without proper cybersecurity controls, these devices can be compromised with the potential for patient harm, according to the HHS watchdog. OIG wants CMS to do more to address hospital vulnerabilities.

    By June 24, 2021
  • Deep Dive

    Legacy medical devices, growing hacker threats create perfect storm of cybersecurity risks

    Aging medtech and increasingly sophisticated criminals are leaving hospitals highly vulnerable to attacks.

    By June 22, 2021
  • Image attribution tooltip
    Jacob Bell

    FDA seeks feedback on distinction between device remanufacturing and servicing

    The long-awaited draft guidance is meant to clarify a blurry line between the two processes. The Medical Imaging and Technology Alliance contends remanufacturing is being done by unregulated third-party device servicers.

    By June 18, 2021