A threat actor can exploit these vulnerabilities to hijack Medtronic devices and modify how much insulin should be administered to a patient.
Medtronic, a well-known medical device maker, has recalled the remote controllers used with some of the company’s insulin pumps because of inherent vulnerabilities that could lead to injury or death.
Threat actors can hijack the devices to modify how much insulin should be administered to a patient. The recall was announced about a team of cybersecurity researchers discovering a series of vulnerabilities in 2018.
A Class 1 Recall
The recall of MiniMed 508 and Paradigm series insulin pumps remote controls MMT-500, and MMT-503 was decided in June 2019. This is a huge blow to Medtronic as it comprises 60% of the insulin pump market currently.
The Food and Drug Administration (FDA) stated that it is a Class 1 recall, which is the most serious and urgent kind of threat as such devices can cause severe injuries to the patient or may even lead to death.
“Using specialized equipment, an unauthorized person could instruct the pump to either over-deliver insulin to a patient, leading to low blood sugar