Dick Cheney's wireless heart monitor was modified to curb hacking threat

Share this article:

A personal account by former Vice President Dick Cheney appears to have brought further credence to hacking concerns about implanted medical devices.

On Sunday, Cheney revealed that during his term as VP, his heart defibrillator's wireless feature was disabled for fear of an assassination attempt via a “terrorist” hack.

Dr. Sanjay Gupta interviewed Cheney, who appeared on 60 Minutes (video) along with his longtime cardiologist Dr. Jonathan Reiner.

Cheney's handlers believed that a saboteur could kill him by sending a signal to the wireless heart device, “telling it to shock his heart into cardiac arrest,” Gupta revealed during the episode.

During the interview, Reiner also weighed in on the decision in 2007 to take additional security measures.

“It seemed to me to be a bad idea for the vice president of the United States to have a device that maybe somebody on a rope line or in the next hotel room or downstairs might be able to get into, hack into,” Reiner said, before addressing Cheney. “And I worried that someone could kill you," he added.

Cheney attested that the heavily discussed television episode of Homeland, in which a fictional vice president's pacemaker is hacked as part of a fatal terrorist plot, was “an accurate portrayal” of something that could actually happen.

Researchers like Jay Radcliffe, of Washington, D.C.-firm InGuardians, and the late Barnaby Jack, have demonstrated just how vulnerable medical devices are to attacks at various hacking conferences.

And more recently, the Center for Internet Security (CIS), a New York-based nonprofit focused on improving organizations' cyber security readiness, recently launched an effort to develop the first security control guidelines for internet-enabled medical devices.

On Monday, Will Pelgrin, CEO of CIS, told SCMagazine.com that Cheney's revelations bring an “additional reality” to the need to provide overarching security guidance for medical device manufacturers, health care entities and security experts.

“What we want to do is marry the manufacturers' understanding of those devices – making sure they don't lose any of their functionality… while at the same time making sure they are as secure as they can be,” Pelgrin said.

So far, Albany Medical Center in New York has joined the effort, called the CIS Medical Device Security Benchmark Initiative, along with nonprofits, which include the Medical Device Innovation, Safety and Security Consortium (MDISS).

Within the next few weeks, CIS plans to hold a webcast (time TBA) discussing the next steps of the initiative.

Share this article:

Sign up to our newsletters

More in News

Research shows vulnerabilities go unfixed longer in ASP

Research shows vulnerabilities go unfixed longer in ASP

A new report finds little difference in the number of vulnerabilities among programming languages, but remediation times vary widely.

Bill would restrict Calif. retailers from storing certain payment data

The bill would ban businesses from storing sensitive payment data, for any long than required, even if it is encrypted.

Amplification, reflection DDoS attacks increase 35 percent in Q1 2014

Amplification, reflection DDoS attacks increase 35 percent in ...

The Q1 2014 Global DDoS Attack Report reveals that amplification and reflection distributed denial-of-service attacks are on the rise.