The Internet of Things doesn’t just mean your TVs, refrigerators, ACs, surveillance cameras, mobile phones, washing machines, smartwatches, light bulbs, water heaters, lawn sprinklers, cars, PCs and laptops and bicycles are going to be connected to each other through the Internet. Since data is to be gathered from almost every electronics device operational, it means that even your pacemaker is connected to the Internet, and if it is connected to the Internet, it can be hacked and controlled remotely.
Not just your pacemaker, any device that you may have embedded inside your body or gotten planted inside and that needs to be connected in order to maintain your vital signs, is open to hacking.
Just imagine, there is a device that tells you that you need to take an insulin injection and based on the vital signs being given by your body, it also recommends the dosage. What if someone hacks into the device and tells you to take more insulin or less insulin to make you sick, or even to kill you?
Considering the risks involved, the US Food and Drug Administration issued a guidelines draft last January advising manufacturers of medical equipment and devices and their associated software applications to take precautions that these devices and software applications are free of bugs and vulnerabilities that allow hackers to get access to these devices.
The FDA, according to this Verge report, has been warning the health industry for many years about the vulnerabilities to cyber attacks existing in these medical devices. Recently, millions of small devices were used to mount one of the biggest DDoS attacks. Even if the hackers don’t directly target medical equipment, they may, in their ignorance, try to use these devices and equipment to control attacks on other targets. Since all these devices are connected to the Internet they can be used as hosts to large-scale cyber attacks.
Researchers have already, remotely, tampered with devices like pacemakers, defibrillators and insulin pumps to demonstrate that they can be hacked. FDA warned hospitals in 2015 that the Hospira infusion pump that controls the release of nutrients and medications into a patient’s body, could be easily accessed and controlled using the hospital’s network. Patients can be irreparably harmed by giving too little or too much medication, purposely or inadvertently.
If nothing else, the hospital network can be used for identity theft because most of the patients confidential information is available in the hospital database.
Cyber security is going to be a big problem as more and more devices get connected to the Internet of Things. Embedded artificial intelligence, as it gets more advanced, is going to be more affordable and easier to install. It means more devices like washing machines, installation pumps and air conditioners are going to be equipped with intelligent devices connected to the Internet and since they will be connected to the Internet, they will be vulnerable to cyber attacks and these attacks can cause havoc of a very large scale.