A vulnerability was disclosed this past week affecting insulin pumps made by Johnson & Johnson. These devices, controlled via a wireless remote, lack any means of ensuring that only the intended remote could control the pump. A motivated individual in close proximity to the user could, in theory, cause their injury or death by significantly increasing the amount of insulin being administered.

There have been numerous similar product vulnerabilities disclosed in recent months, including a disputed report involving cardiac devices made by one manufacturer. Some have said that unaddressed vulnerabilities are common in healthcare because it is such a financially sensitive industry, with its leaders not wanting to spend extra money to get a more secure product that performs the same medical function. As the hosts of the Down the Security Rabbithole podcast said in this week’s broadcast, however, all industries are finally sensitive.

To read this article in full or to leave a comment, please click here