June 14—As more medical devices house computer systems and connect wirelessly to hospital networks and other equipment, there is an increased risk of cybersecurity breaches, which could affect how medical devices operate according to a recent safety communication from the U.S. Food and Drug Administration (FDA).

The safety brief outlines several cybersecurity vulnerabilities and incidents of which the FDA is aware, including medical devices infected or disabled by malware; the presence of malware on hospital computers, smartphones, and tablets; and uncontrolled distribution of passwords.

The FDA is recommending that medical device manufacturers and healthcare organizations pursue appropriate safeguards to reduce the risk of medical device failure due to cyberattack. Following are some of the recommendations included in the communication that are directed at healthcare organizations: 

  • Restrict unauthorized access to the organization network and networked medical devices
  • Make certain appropriate antivirus software and firewalls are up-to-date
  • Monitor network activity for unauthorized use
  • Develop and evaluate strategies to maintain critical functionality during adverse conditions 

Publication Date: Friday, June 14, 2013