Medtronic Partners with Sternum to Enhance Pacemaker Cybersecurity

Cybersecurity Enhancements for Cardiac Pacemakers

Concerns regarding cyberattacks have extended to critical medical devices. Medtronic, a leading medical device manufacturer, faced scrutiny in recent years due to vulnerabilities in its pacemakers. These vulnerabilities stemmed from exploits targeting their internet-based software update mechanisms.

The core of the problem wasn't the devices themselves, but rather the remote systems utilized for updates. A previous mitigation strategy employed by Medtronic involved disconnecting devices from the internet. However, this approach introduced its own set of potential complications.

A New Partnership with Sternum

Natali Tshuva, founder and CEO of Sternum, an Israeli IoT cybersecurity startup, explained that Medtronic sought a lasting solution for future device development. Sternum has already implemented security measures on approximately 100,000 Medtronic devices.

Sternum’s technology enables medical devices to defend themselves in real-time. This proactive approach is a significant advancement in device security.

“The discovery of a vulnerability typically necessitates an update,” Tshuva stated in an interview with TechCrunch. “However, updating medical devices can be complex, leaving them vulnerable until the update is applied. We’ve developed an autonomous security system operating within the device itself, providing protection without requiring updates or vulnerability patching.”

Protecting newly manufactured devices is generally simpler than securing older, legacy systems. As hacking techniques become increasingly sophisticated, medical device companies must address the security of devices already in use.

“There are potentially billions of connected medical devices currently in operation, presenting a substantial security and management challenge,” Tshuva cautioned.

Broader Implications for Healthcare Security

Beyond the risk to individual patients, compromised devices can serve as entry points into hospital networks. Hackers exploit these vulnerabilities to initiate breaches affecting a wider range of individuals.

Hospital networks are typically secured with internal defenses, but unprotected devices connected to these networks can bypass these safeguards. In fact, the healthcare sector experiences the highest number of data breaches, accounting for 79% of all reported incidents in 2020.

Data from Health IT Security indicates a 45% surge in cyberattacks targeting health systems during the first ten months of the previous year.

Sternum’s IoT Platform

Alongside its collaboration with Medtronic, Sternum has launched a new IoT platform. This platform empowers devices to maintain their security, even when offline, according to Tshuva.

Having secured approximately $10 million in funding, Sternum extends its cybersecurity solutions to IoT devices beyond healthcare. The company concentrates on sectors deemed “mission-critical,” such as railroad infrastructure sensors and power grids.

A Vision for Impactful Technology

Tshuva, who holds a master’s degree in computer science and served in the Israeli Defense Force’s 8200 unit, expressed her desire to contribute to the medical field. “I aimed to integrate my expertise with the medical domain, recognizing the potential to improve remote care devices,” she explained.