As many as 750,000 heart devices made by Medtronic PLC contain a serious cybersecurity vulnerability that could let an attacker with sophisticated insider knowledge harm a patient by altering programming on an implanted defibrillator, company and federal officials said Thursday.

The Homeland Security Department, which oversees security in critical U.S. infrastructure including medical devices, issued an alert Thursday describing two types of computer-hacking vulnerabilities in 16 different models of Medtronic implantable defibrillators sold around the world, including some still on the market today. The vulnerability also affects bedside monitors that read data from the devices in patients’ homes and in-office programming computers used by doctors.

Medtronic recommends that patients use only bedside monitors obtained from a doctor or from Medtronic directly, to keep them plugged in so they can receive software updates, and that patients maintain “good physical control” over the monitor.

Implantable defibrillators are complex, battery-run computers implanted in patients’ upper chests to monitor the heart and send electric pulses or high-voltage shocks to prevent sudden cardiac death and treat abnormal heart beats. The vulnerabilities announced Thursday do not affect Medtronic pacemakers.

Medtronic, run from offices in Fridley, says the risk of physical harm to defibrillator patients appears to be low, even though one of the two issues described by Homeland Security was assigned a CVSS base score of 9.3 out of 10. A higher CVSS base sore indicates a more severe vulnerability, but it assumes an attacker already has the knowledge and tools to mount the attack.

Although the vulnerabilities could be prevented by shutting off the devices’ wireless communications, Medtronic is urging doctors and patients to keep the devices’ wireless communications switched on. Remote patient monitoring can alert doctors to developing health or device problems and has been shown to improve outcomes in heart-device patients.

The vulnerabilities were discovered by two different teams of security researchers and reported to Medtronic, which reported it to authorities, Medtronic officials said.

Medtronic is now actively monitoring its network for signs that someone was trying to exploit the vulnerabilities. Medtronic officials say affected defibrillators contain a feature that shuts down wireless communications upon receiving unusual commands.

Dr. Robert Kowal, chief medical officer for Medtronic’s cardiac rhythm and heart failure products, said in an interview that a hacker would have to be within 20 feet or so of the patient, would need detailed knowledge of the device’s inner workings, and have possession of specialized technology to pull off the hack.

“No. 1, this would be very hard to exploit to create harm,” Kowal said. “No. 2, we know of no evidence that anyone’s ever done this. And 3, we are working closely with FDA as this whole cyber issue evolves to make sure we are not only handling this problem but we’re working on future devices to optimize security versus functionality.”

The FDA is not expected to issue a recall. Rather, the vulnerabilities will likely be addressed through a future software patch, as happened last year with a widespread vulnerability in implantable defibrillators made by St. Jude Medical, which was acquired by Chicago’s Abbott Laboratories in 2017.

Ben Ransford, CEO of medical-device security firm Virta Labs, said he agreed with the assessments of Medtronic and federal officials that the vulnerabilities in the Medtronic defibrillators were not serious enough to warrant replacement.

“If I had one of these devices, I would not be concerned that this meant an attack is coming, or anything like that,” said Ransford, who was not involved in detecting or investigating the vulnerabilities.

A known weakness

But Ransford did say it was surprising that issues like the ones in Thursday’s advisory continue to crop up in Medtronic defibrillators, since this variety of vulnerability has been known since 2008.

A decade ago Ransford was part of a team of researchers that tested a bacon-wrapped Medtronic Maximo defibrillator and came to the surprising conclusion that it could be hacked.

In the groundbreaking paper, the researchers reported that they could cause their compromised device to issue shocks on command, shut down its lifesaving features and change functionality so the battery would wear out.

“It looks like a manufacturer still has some work to do,” Ransford said.

Ransford said the effects of the attack appeared to be essentially the same, regardless of the specific route used to attack the device. Medtronic officials said the vulnerabilities described in the 2008 paper involved a different communications protocol.

The Homeland Security advisory describes two specific vulnerabilities in the Medtronic defibrillators.

The more serious of the two is a vulnerability that could allow improper access to data sent between a defibrillator and an external device like an at-home monitor. The system doesn’t use formal authentication or authorization protections, which means an attacker with short-range access to the device could inject or modify data and change device settings, the advisory says.

A second vulnerability allows an attacker to read sensitive data streaming out of the device, which could include the patient’s name and past health data stored on their device. The system does not use data encryption, the advisory says. (Deploying encryption in medical devices is tricky because is increases computational complexity and therefore uses the battery faster.)

The common connection between all of the vulnerabilities and affected devices is Medtronic’s proprietary Connexus “telemetry protocol” or communication system.

The FDA first approved a device with the Connexus protocol in 2006. At the time, the system was hailed as a breakthrough that would automatically be transmitted from an implanted device to an at-home monitor to the doctor’s office via the internet.

However, Kowal noted that the vulnerabilities in Thursday’s alert must be exploited in close physical proximity to the patient.

“Nothing about this issue is related to access via the internet,” he said. Thursday’s advisory affects two types of defibrillators: standard implantable cardioverter defibrillators (ICDs) as well as more complex cardiac resynchronization therapy defibrillators (CRT-Ds) that can deliver current to both sides of the heart. Some of the models are approved to be compatible with magnetic-resonance imaging, or MRI.