Return of the Guru

Attacks on Implanted Medical Devices Could be a Problem for Insurers

Ara Trembly
Insurance Experts' Forum, July 18, 2011

When we think of criminals and mischief-makers cracking into our computer systems, our primary concern, quite correctly, is the loss of valuable and confidential data associated with our insurance business.  Now, however, it seems the danger could be more personal—at least for the millions around the world who have implantable medical devices. 

According to a recent posting on ScienceDaily, such medical devices, from pacemakers and defibrillators to brain stimulators and drug pumps, are implanted in 300,000 people worldwide every year (in addition to the millions already implanted). Most such devices have wireless connections, so that doctors can monitor patients' vital signs or revise treatment programs. But recent research has shown that this leaves the devices vulnerable to attack.   

The posting describes a worst-case scenario in which an attacker could kill a victim by instructing an implantable device to deliver lethal doses of medication or electricity.  While we could see that happening in a Robert Ludlum novel, however, it’s probably not the kind of thing that keeps life or health insurers up at night.  On the other hand, suppose such an intervention were used to help keep a patient “sicker”—perhaps extending benefits for an individual who was otherwise recovering well? 

While this is still in the speculative stage, we would do well to consider the relative lack of security for such devices, since their abuse or even misuse could have insurance implications.  Wireless communication is well known to be poorly secured, and while we may be willing to take that risk to do call things on our iPhones, it’s a different story when one’s health or life may be on the line. 

As I have said many times before, computer communication and data storage are relatively fragile enterprises.  Putting aside the Ludlum-style political assassination scenario, it still seems very risky to implant devices that can apparently be easily hacked into.  Whatever the purposes of the attacker, one thing is clear, this kind of danger is far too personal and sinister to be ignored—or written off as a cost of doing business. 

Is there a solution?  It seems there is, but the key question is when or if the solution will be implemented. According to ScienceDaily, researchers are looking at a new system for preventing such attacks. The system would use a second transmitter to jam unauthorized signals in an implant's operating frequency, permitting only authorized users to communicate with it. Because the jamming transmitter, rather than the implant, would handle encryption and authentication, the system would work even with existing implants.  The researchers envision that the jamming transmitter (a shield) would be small enough to wear as a necklace or a watch, says the posting.  

Perhaps the other rub here is how health insurers will treat such devices in terms of compensating insureds.  As the technology moves ahead, the industry needs to consider how it will respond. 

Ara C. Trembly (www.aratremblytechnology.com) is the founder of Ara Trembly, The Tech Consultant, and a longtime observer of technology in insurance and financial services.

Readers are encouraged to respond to Ara using the “Add Your Comments” box below. He can also be reached at ara@aratremblytechnology.com.

This blog was exclusively written for Insurance Networking News. It may not be reposted or reused without permission from Insurance Networking News.

The opinions of bloggers on www.insurancenetworking.com do not necessarily reflect those of Insurance Networking News.

 

 

Comments (0)

Be the first to comment on this post using the section below.

Add Your Comments...

Already Registered?

If you have already registered to Insurance Networking News, please use the form below to login. When completed you will immeditely be directed to post a comment.

Forgot your password?

Not Registered?

You must be registered to post a comment. Click here to register.

Blog Archive

With Google Favoring Mobile, Will The Industry Take it Seriously?

Google’s search engine will now will favor mobile friendly content over traditional website content; within the insurance industry, the greatest initial impact is likely to be felt by insurance distributors.

Why Some Technologists Get Cold Feet on Mobile

There are those who believe that favoring one channel or mode over another will lead to even more silos and dysfunction than we already have in many organizations.

Insurance IT Spending and Budgeting Benchmarks

New research from Novarica highlights areas of concern and offers insights on insurers spending and budgeting decisions.

Enterprise Mobilemania Continues Unabated

More than half of companies are spending more on developing mobile applications -- but are they more efficient?

Why Insurers Need More Than a Policy Admin System

For some insurers, not being able to handle the volume of quotes that are being submitted to them means leaving significant money on the table.

The Pitfalls of Using Assembly Line Methods to Create Software

Most of the time, when the business needs IT, it is for custom software development, just like creating a concept car.