Tldr: implanted medical device appears to use just a standard Bluetooth connection without any safeguards and is actually marketed to connect up to 8 meters away. Just how vulnerable are these devices? Has anyone researched them? Ideas on implementing security?
I’ve heard off and on about how cybersecurity just isn’t a consideration for those manufacturing and developing implanted medical devices. I figured it was just something lack of password protection or the developers just not thinking about it at all. That was until I got a medical pump installed and I asked the rep how they programed everything. Her answer was, Bluetooth…. ok I’m gonna hope it’s actually just a wireless nfc type thing that requires you to be close to it. Nope, on their website it shows a connector that pairs the device and a Samsung tablet that runs their app. Also I pulled up my available Bluetooth devices and they’re is a new one with a random ID now. Now I haven’t connected to it and I emailed them asking for information regarding how protected the device is from hacking but they haven’t responded. Has anyone seen any reports on just how vulnerable these devices are or if there are any safe guards against hacking them? Besides trying to make my ribs a Faraday cage I’m not sure what to really do about this and thought I’d ask what yall know, thanks