Exploring Vulnerabilities and Attack Vectors Targeting Pacemaker Devices in Healthcare


Brad Chardenet, Jaycen Jamssens, Richard Cummins, and Tauheed Khan Mohd, Eastern Michigan University, USA


This technical paper investigates the vulnerabilities and potential threats posed by emerging technologies, specifically Bluetoothenabled patient pacemakers. With the advancements in healthcare technology, pacemakers now utilize Bluetooth connectivity for real-time monitoring and data transmission, offering patients and healthcare providers an important convenience. However, this technology also introduces significant security risks, leaving these life-sustaining devices susceptible to malicious attacks.
Through an in-depth analysis of existing research, real-life incidents, and vulnerabilities identified by experts in the field, this paper will underscore the critical vulnerabilities present in pacemaker systems. Examples, including findings from researchers such as Billy Rios, Jonathon Butts, and Marie Moe, demonstrate the potential severity of these vulnerabilities. From remote control manipulation to unauthorized access to sensitive medical data, the threats posed by these vulnerabilities are substantial and potentially life-threatening.
Moreover, this paper outlines advanced mitigation strategies essential for protecting patient pacemakers against these security risks. Recommendations include end-to-end encryption, whitelist device pairing, intrusion detection systems, and regular firmware updates, highlight the collaborative efforts required from patients, healthcare providers, and manufacturers to mitigate these risks effectively. This paper’s findings underscore the urgent need for robust cybersecurity measures in the design, implementation, and maintenance of pacemaker systems. Addressing these vulnerabilities is key for ensuring patient safety, maintaining privacy, and building trust in healthcare technology. The implications of this research extend beyond pacemaker security, emphasizing the broader importance of cybersecurity in medical devices and the importance of ongoing research and regulatory initiatives to protect patient health.


Attack Vectors, Pacemaker, Healthcare