informa
/
IoT
Quick Hits

St. Jude Says Muddy Waters, MedSec Video Shows Security Feature, Not Flaw

Feud between St. Jude Medical and Muddy Waters and MedSec continues with the former reiterating safety feature of its implantable devices.

St. Jude Medical has refuted the recent flawed-device allegation made by Muddy Waters Capital and MedSec and has issued a statement saying the “flaw” was actually a “security feature.” Muddy Waters and cybersecurity firm MedSec had released a video on August 29 to demonstrate that some of St. Jude’s implantable devices were soft targets of cyberattacks.

“We want our patients to know that they can feel secure about the cybersecurity protections in place on our devices,” said Michael T. Rousseau of St. Jude Medical adding that the “crash” implied by the Muddy Waters video was in reality a display of the Radio Frequency (RF) Telemetry Lockout security feature of the company’s pacemakers.

“If attacked, our pacemakers place themselves into a 'safe' mode to ensure the device continues to work,” further elaborated Phil Ebeling of St. Jude Medical.

St. Jude claims its implantable devices include features that bring down dangers of unauthorized commands issued to them and thwart crash attacks.

For full press statement, click here.

Recommended Reading:
Editors' Choice
Kirsten Powell, Senior Manager for Security & Risk Management at Adobe
Joshua Goldfarb, Director of Product Management at F5