Former Vice President Dick Cheney revealed his heart defibrillator's wireless feature was disabled to prevent hackers launching an assassination attempt.
Last year, the late Barnaby Jack demonstrated at the Breakpoint security conference that implantable cardioverter-defibrillators and pacemakers could be commanded to shock the heart by a wireless attacker located up to 30 feet away.
The devices could be sent into continuous shocking loops and could even then attack other nearby devices.
In his talk, Jack said the attacks could be used in targeted assassinations and pointed out to the small crowd that Cheney was among prominent identities who used the devices.
On a 60 minutes US broadcast, it was revealed Cheney's handlers believed he could be killed by attackers.
“It seemed to me to be a bad idea for the vice president of the United States to have a device that maybe somebody on a rope line or in the next hotel room or downstairs might be able to get into, hack into,” Cardiologist Dr. Jonathan Reiner said, before telling Cheney he "worried that someone could kill you".
It comes as the US Center for Internet Security launched an effort to develop the first security control guidelines for internet-enabled medical devices.
CEO Will Pelgrin said Cheney's revelations bring an “additional reality” to the need to provide overarching security guidance for medical device manufacturers, health care entities and security experts.
“What we want to do is marry the manufacturers' understanding of those devices – making sure they don't lose any of their functionality… while at the same time making sure they are as secure as they can be,” Pelgrin said.
- With Darren Pauli