Implantable Cardioverter-Defibrillator–Cybersecurity
2020; Lippincott Williams & Wilkins; Volume: 13; Issue: 3 Linguagem: Inglês
10.1161/circep.119.008261
ISSN1941-3149
AutoresBryce Alexander, Víctor Neira, Debra Campbell, Eugene Crystal, Chris Simpson, Andrés Enríquez, Sanoj Chacko, Hoshiar Abdollah, Damian Redfearn, Adrián Baranchuk,
Tópico(s)Neurological disorders and treatments
ResumoHomeCirculation: Arrhythmia and ElectrophysiologyVol. 13, No. 3Implantable Cardioverter-Defibrillator–Cybersecurity Free AccessLetterPDF/EPUBAboutView PDFView EPUBSections ToolsAdd to favoritesDownload citationsTrack citationsPermissionsDownload Articles + Supplements ShareShare onFacebookTwitterLinked InMendeleyReddit Jump toSupplemental MaterialFree AccessLetterPDF/EPUBImplantable Cardioverter-Defibrillator–Cybersecurity Bryce Alexander, MD, Victor Neira, MD, Debra Campbell, RN, Eugene Crystal, MD, Chris Simpson, MD, FRCPC, Andres Enriquez, MD, Sanoj Chacko, MD, Hoshiar Abdollah, MD, Damian Redfearn, MD and Adrian Baranchuk, MD, FRCPC Bryce AlexanderBryce Alexander Division of Cardiology, Queen's University, Kingston (B.A., V.N., D.C., C.S., A.E., S.C., H.A., D.R.), Toronto, ON, Canada. , Victor NeiraVictor Neira Division of Cardiology, Queen's University, Kingston (B.A., V.N., D.C., C.S., A.E., S.C., H.A., D.R.), Toronto, ON, Canada. , Debra CampbellDebra Campbell Division of Cardiology, Queen's University, Kingston (B.A., V.N., D.C., C.S., A.E., S.C., H.A., D.R.), Toronto, ON, Canada. , Eugene CrystalEugene Crystal Sunnybrook Research Institute (E.C.), Toronto, ON, Canada. , Chris SimpsonChris Simpson Division of Cardiology, Queen's University, Kingston (B.A., V.N., D.C., C.S., A.E., S.C., H.A., D.R.), Toronto, ON, Canada. , Andres EnriquezAndres Enriquez Division of Cardiology, Queen's University, Kingston (B.A., V.N., D.C., C.S., A.E., S.C., H.A., D.R.), Toronto, ON, Canada. , Sanoj ChackoSanoj Chacko Division of Cardiology, Queen's University, Kingston (B.A., V.N., D.C., C.S., A.E., S.C., H.A., D.R.), Toronto, ON, Canada. , Hoshiar AbdollahHoshiar Abdollah Division of Cardiology, Queen's University, Kingston (B.A., V.N., D.C., C.S., A.E., S.C., H.A., D.R.), Toronto, ON, Canada. , Damian RedfearnDamian Redfearn Division of Cardiology, Queen's University, Kingston (B.A., V.N., D.C., C.S., A.E., S.C., H.A., D.R.), Toronto, ON, Canada. and Adrian BaranchukAdrian Baranchuk Correspondence to: Adrian Baranchuk, MD, FRCPC, Cardiac Electrophysiology and Pacing, Kingston General Hospital, Queen's University, 76 Stuart St, Kingston, ON K7L 2V7, Canada. Email E-mail Address: [email protected] https://orcid.org/0000-0002-3042-6569 Originally published11 Feb 2020https://doi.org/10.1161/CIRCEP.119.008261Circulation: Arrhythmia and Electrophysiology. 2020;13:e008261Other version(s) of this articleYou are viewing the most recent version of this article. Previous versions: February 11, 2020: Ahead of Print Medical device cybersecurity has gained increasing attention in recent years.1 While many devices have been targeted, security vulnerabilities in cardiac implantable electronic devices are of particular concern as implantation of these devices is invasive and patients can be reliant upon these devices for life-sustaining therapy. The first major incident with cardiac implantable electronic devices that received wide-spread attention occurred in 2016, when Muddy Waters LLC, in conjunction with vulnerability research firm MedSec, issued a report identifying potential cybersecurity concerns in several models of St. Jude Medical's (now Abbott) pacemakers following demonstration of a crash attack and a battery drain attack.2 Replication of these attacks under experimental conditions failed to produce any clinical harm.3 The publication of this report prompted Abbott, in conjunction with the United States Food and Drug Administration, to release a firmware upgrade with enhanced cybersecurity features. As part of this release, Abbott published estimated rates of complications extrapolated from similar circumstances, which included complete loss of device function, loss of programmed device settings, and failure of the update, among others. As there had been no instances of patient harm and a small but non-negligible risk involved in the firmware upgrade, clinicians were asked to utilize a shared decision-making model when deciding whether to pursue the upgrade and to take individual factors such as pacemaker dependence and age of the device into account. Since that time, additional data have been collected on complications rates and patient attitudes toward the upgrade. Saxon et al4 analyzed a population of 10 854 patients who were offered the firmware upgrade in the United States. Of those, only 25% elected to proceed once the risks and benefits were explained. A smaller Canadian population of 155 patients demonstrated an uptake rate of only 3.9% after the risks and benefits were explained in a systematic manner endorsed by the Canadian Heart Rhythm Society.5 Complication rates were low in both populations, with 1% of patients in the United States cohort and 0.3% of patients in the Canadian cohort experiencing backup mode pacing during the installation. No cases of complete loss of device function were observed. Post hoc data reported to the Food and Drug Administration by Abbott indicated that 0.62% of devices experienced an incomplete update and remained in the back-up pacing mode with a small percentage (0.14%) of patients experiencing discomfort as a result.Since the release of the pacemaker cybersecurity firmware upgrade, the Food and Drug Administration has released a second security update concerning security vulnerabilities identified in Abbott's radiofrequency enabled implantable cardioverter-defibrillators and cardiac resynchronization therapy devices. In this case, an unauthorized user could access the device remotely using commercially available equipment and change the device settings. As before, Abbott released a firmware upgrade designed to block this vulnerability. In this case, the cybersecurity update was bundled with a separate update designed to warn patients if their device experienced premature battery depletion due to formation of lithium clusters within the battery. Physicians were advised to immediately replace any device in which this battery performance alert occurred. The Food and Drug Administration advised that while prophylactic replacement of the affected devices was not recommended, the firmware upgrade was advised for all eligible patients. Due to the bundling of the 2 upgrades, patient uptake was expected to be much higher than for the previous pacemaker firmware upgrade. To date, no cyber-attack on patients with an implantable cardioverter-defibrillator or cardiac resynchronization therapy has been reported in the literature.We collected data on firmware acceptance rates and complications of the implantable cardioverter-defibrillator/cardiac resynchronization therapy cybersecurity firmware upgrade at our large, tertiary care center in Canada. The study was approved by the local Health Sciences Research Ethics Board. The data that support the findings of this study are available from the corresponding author upon reasonable request. In contrast to the previous experience with the pacemaker firmware upgrade, we found that 85.5% of patients elected to undergo the upgrade when explained the risks and benefits in a systematic manner (Table). This explanation involved an initial letter informing patients of the advisory and stating that their device was included, followed by an in-clinic visit to review the implications of the device advisory. At our center, it was explained that the probability of this advisory impacting their health was quite low, and that there were potential complications associated with the upgrade. Patients were then given the opportunity to ask any questions they may have surrounding the events directly to their physician. Of the patients who accepted the upgrade 1.4% experienced reloading of the previous firmware version due to an incomplete upgrade. None of these devices remained in the back-up pacing mode, a theoretical risk of an incomplete upgrade that was experienced by a small number of patients who received the pacemaker cybersecurity update. An additional 19.0% of patients experienced a sudden increase of the atrial amplitude due to a failure in the auto-capture test (Acap). This required a re-run of an atrial auto-capture test at the end of the firmware upgrade, with the values returning to normal in all cases. It is likely that the high rates of patient acceptance of the implantable cardioverter-defibrillator/cardiac resynchronization therapy upgrade were due to the bundling of the cybersecurity upgrade with the battery performance alert upgrade. In this initial experience, no significant clinical harm was observed during the firmware upgrade.Table. Population Characteristics and Firmware Upgrade ComplicationsVariableValue (n=172)Age, y71.6±11.8Male sex (%)128 (74.4%)BMI, kg/m229.3±6.2Hypertension97 (56.4%)Diabetes mellitus64 (37.2%)Coronary artery disease124 (72.1%)Heart failure152 (88.4%)Prior myocardial infarction97 (56.4%)Prior TIA or stroke24 (14.0%)Device type ICD107 (62.2%) CRT-D65 (37.8%)Device indication Primary prevention90 (52.3%) Secondary prevention82 (47.7%)Device model Fortify2 (1.2%) Fortify Assura105 (61.0%) Quadra Assura41 (23.8%) Unify Assura24 (14.0%)Premature battery depletion alert felt by patient7 (4.1%)Pacemaker dependent38 (22.1%)Accept firmware upgrade—all patients147 (85.5%) Accepted firmware upgrade—pacemaker dependent34 (89.5%) Accepted firmware upgrade—non-pacemaker dependent111 (85.4%)Complications Atrial auto-capture (Acap) malfunction28 (19.0%) Reloading of previous firmware version due to incomplete upgrade2 (1.4%) Discomfort due to backup VVI pacing settings0 (0.0%) Complete loss of device settings0 (0.0%) Device remaining in back-up mode due to unsuccessful upgrade0 (0.0%) Need for external defibrillation0 (0.0%)BMI indicates body mass index; CRDT-D, cardiac resynchronization therapy; and ICD, implantable cardioverter-defibrillator.Sources of FundingThis study was conducted with an unrestricted grant from Abbott.DisclosuresDr Baranchuk received an unrestricted grant from Abbott to conduct this research. The other authors report no conflicts.FootnotesFor Sources of Funding and Disclosures, see page 278.Correspondence to: Adrian Baranchuk, MD, FRCPC, Cardiac Electrophysiology and Pacing, Kingston General Hospital, Queen's University, 76 Stuart St, Kingston, ON K7L 2V7, Canada. Email adrian.[email protected]caReferences1. Baranchuk A, Refaat MM, Patton KK, Chung MK, Krishnan K, Kutyifa V, Upadhyay G, Fisher JD, Lakkireddy DR; American College of Cardiology's Electrophysiology Section Leadership. Cybersecurity for cardiac implantable electronic devices: what should you know?J Am Coll Cardiol. 2018; 71:1284–1288. doi: 10.1016/j.jacc.2018.01.023CrossrefMedlineGoogle Scholar2. Alexander B, Haseeb S, Baranchuk A. Are implanted electronic devices hackable?Trends Cardiovasc Med. 2019; 29:476–480. doi: 10.1016/j.tcm.2018.11.011CrossrefMedlineGoogle Scholar3. Ransford B, Kramer DB, Foo Kune D, Auto de Medeiros J, Yan C, Xu W, Crawford T, Fu K. Cybersecurity and medical devices: A practical guide for cardiac electrophysiologists.Pacing Clin Electrophysiol. 2017; 40:913–917. doi: 10.1111/pace.13102CrossrefMedlineGoogle Scholar4. Saxon LA, Varma N, Epstein LM, Ganz LI, Epstein AE. Factors influencing the decision to proceed to firmware upgrades to implanted pacemakers for cybersecurity risk mitigation.Circulation. 2018; 138:1274–1276. doi: 10.1161/CIRCULATIONAHA.118.034781LinkGoogle Scholar5. Baranchuk A, Alexander B, Campbell D, Haseeb S, Redfearn D, Simpson C, Glover B. Pacemaker cybersecurity: local experience with a firmware upgrade.Circulation. 2018; 138:1272–1273. doi: 10.1161/CIRCULATIONAHA.118.035261LinkGoogle Scholar Previous Back to top Next FiguresReferencesRelatedDetailsCited By Qian X, Channels C, Gaeta S, Wish M, Matthews B, Atwater B and Kumar V (2022) Radiofrequency remote monitor software patch update without cybersecurity implantable cardioverter-defibrillator firmware update increases the risk of inappropriate implantable cardioverter-defibrillator therapies, HeartRhythm Case Reports, 10.1016/j.hrcr.2021.12.016, 8:2, (69-72), Online publication date: 1-Feb-2022. Saxon L, Varma N, Epstein L, Ganz L and Epstein A (2020) Rates of Adoption and Outcomes After Firmware Updates for Food and Drug Administration Cybersecurity Safety Advisories, Circulation: Arrhythmia and Electrophysiology, 13:8, Online publication date: 1-Aug-2020. Alexander B and Baranchuk A (2020) Cybersecurity and cardiac implantable electronic devices, Nature Reviews Cardiology, 10.1038/s41569-020-0372-1, 17:6, (315-317), Online publication date: 1-Jun-2020. March 2020Vol 13, Issue 3 Advertisement Article InformationMetrics © 2020 American Heart Association, Inc.https://doi.org/10.1161/CIRCEP.119.008261PMID: 32078370 Originally publishedFebruary 11, 2020 Keywordsdecision-makingpacemakerprobabilitylithiumattentionPDF download Advertisement SubjectsArrhythmiasCatheter Ablation and Implantable Cardioverter-DefibrillatorClinical StudiesComplicationsQuality and Outcomes
Referência(s)