For the past several years, Medtronic has been in a difficult situation as its pacemakers have been deemed as susceptible to hacking. In attempts to better security, Medtronic is partnering with Sternum, an Internet of Things (IoT) cybersecurity startup based in Israel.
Medtronic’s pacemakers are known to be vulnerable during the update process. The remote systems used during this process have been allowing even “low” skilled hackers to gain access to the devices. Medtronic tried to combat this problem with the short-term solution to disconnect the devices from the Internet, but this was also a risky move.
Sternum has created a platform that is able to secure IoT devices through a software update. The platform consists of a real time monitoring system that automatically updates when potential threats are detected. Through this partnership, about 100,000 Medtronic devices have already been secured.
Sternum’s founder and CEO Natali Tshuva said, “There’s this endless race against vulnerability, so when a company discovers a vulnerability, they need to issue an update, but updating can be very difficult in the medical space, and until the update happens, the devices are vulnerable…Therefore, we created an autonomous security that operates from within the device that can protect it without the need to update and patch vulnerabilities.”
Through medical devices such as pacemakers, hackers may harm patients and even gain access to hospital networks. This partnership will help protect patients and their information, as well as prevent larger scale data breaches. Tshuva also believes that this partnership is a long-term solution that may aid in future developments.
Health systems reportedly receive more data breaches than other sectors. According to Health IT Security, in 2020 79% of all breaches occurred within health systems. The first ten months of 2020 also saw a 45% increase in cyberattacks on health systems.
Now, with Sternum’s platform, devices will be able to protect themselves against outside threats and update in a less vulnerable manner. Medtronic has revealed that after securing all of its devices, there have been no cyber-attacks, privacy breaches, or harmed patients.