Cybersecurity in cardiac implantable electronic devices

Abstract

Introduction: Cardiac implantable electronic devices (CIEDs) integrate numerous automatic and monitor functions. Nowadays, most CIEDs are connected to the Internet (via Wi-Fi, Bluetooth or smartphone) to ensure remote monitoring of technical and clinical data: despite the importance of such a monitoring, especially from a clinical point of view, concerns have been raised about information (IT) security in terms of both privacy and security for CIEDs' carriers.

Areas covered: This review will provide an outline of remote monitoring of CIEDs, main IT security issues that have affected them so far, main cybervulnerabilities and possible solutions.

Expert opinion: Although there is no evidence that cyber-attacks have been carried out against any CIED so far, they may occur in the future. Cyber-attacks are usually aimed at stealing sensitive information or granting access to the IT systems to which CIEDs are connected; the possibility of an active reprogramming of CIEDs by cyber-attacks is extremely low. Political, regulatory, scientific, and clinical integration is essential to provide not only effective IT solutions for CIEDs and their carriers, but also for the development of educational programs; it should also promote cooperation between stakeholders in order to reduce the risk of CIEDs' cybervulnerability and increase patient safety.

Keywords: CIEDs; Cardiac implantable electronic devices; cyber; cybersecurity; hacking; remote monitoring; threats.