"FDA Informs Patients, Providers and Manufacturers About Potential Cybersecurity Vulnerabilities in Certain Medical Devices with Bluetooth Low Energy"
The U.S. Food and Drug Administration (FDA) cautions patients, healthcare providers, and manufacturers about a set of cybersecurity vulnerabilities, dubbed "SweynTooth" contained by certain medical devices with wireless communication technology known as Bluetooth Low Energy (BLE). According to the FDA, the exploitation of these vulnerabilities could allow unauthorized users to disable or disrupt the proper functioning of medical devices, such as pacemakers, glucose monitors, ultrasound devices, insulin pumps, electrocardiograms, and more. The FDA brings further attention to the increased vulnerability of medical devices to attacks due to the growing connectivity of these devices. Medical device manufacturers are encouraged to remain alert to cybersecurity vulnerabilities and to address vulnerabilities by disclosing vulnerabilities in a coordinated manner and sharing strategies for mitigation. This article continues to discuss the growing vulnerability of connected medical devices, the SweynTooth family of cybersecurity vulnerabilities, which medical devices are affected by the weaknesses and recommendations from the FDA on how medical device manufacturers can mitigate these security flaws.