Cardiac devices and cyber attacks: How far are they real? How to overcome?

Abstract

Cardiac implantable electronic devices (CIEDs) include bradycardia pacemakers, defibrillators, and cardiac resynchronization therapy devices. These devices are proven to save lives and improve quality of life in indicated patients. Recent advances in CIED technology allow interrogating and transmitting data stored in these devices wirelessly through radiofrequency or Bluetooth technology and more recently through smartphones.¹ Remote monitoring of CIED uses telemetry and IP connectivity to transmit data from devices to the cloud and eventually to hospitals/clinics monitoring them. There has been overwhelming evidence in support of remote monitoring of CIEDs, improving patient outcomes, survival, and hospitalization.² Therefore, guidelines recommend remote monitoring for all CIEDs.³ Remote monitoring allows frequent checks reducing clinic visits, improving efficiency of medical resources and timely intervention in patients with clinical events. Although internet of things (IOT) dependency is increasing, advantages of connectivity and data transfer come with a price of hacking, resulting in malfunction of computers, misuse of stolen data, or medical extortion. Therefore, cybersecurity has become a necessity in this digital world. Medical devices using net connectivity expose themselves to cyber attacks. Fortunately so far no hacking or cyber attack has been reported in patients with CIEDs, and most literature focuses on proof of concept and in-the-research laboratory scenarios. Although documented clinical events have not yet happened, the threat is real. It is essential to be well prepared for this potential but serious threat. It is imperative that device manufacturers, regulatory bodies, medical professionals, and patients all work together to prevent, identify, and mitigate cyber threat.

Keywords: CIED; Cybersecurity.