Medical device maker Medtronic PLC has acknowledged cybersecurity vulnerabilities in its products five times this year as it comes under increasingly hard-nosed scrutiny from independent computer security experts.

At a major cybersecurity conference in Las Vegas last week, outside researchers Billy Rios and Jonathan Butts made international headlines when they demonstrated exploits that they said would allow a malicious hacker to change the therapy delivered by an implanted heart device or insulin pump. They purported to show how a pacemaker could stop pacing the heart, or an insulin pump could stop delivering insulin.

Rios, founder of the Denver-based independent security firm White­Scope LLC, said Medtronic has been slow and opaque in acknowledging the vulnerabilities. In one case, he noted, Medtronic acknowledged mild-sounding vulnerabilities in its CareLink 2090 device programmer in February, only to add a more serious potential risk in June.

Medtronic says the likelihood of a breach of a patient's device is low, and the company isn't aware of any security breaches involving patients with its medical devices. The company, headquartered in Ireland with operational headquarters in Fridley, says it vigorously tests its products and assesses vulnerabilities identified by researchers.

When needed, the company says, it issues software patches to deployed devices and makes security enhancements to its internal systems. In other cases, cybersecurity protections may amount to keeping certain devices switched off and locked away when not in use in doctor's offices.

"Product safety and quality are top priorities for Medtronic, and we have a strong product security program that leverages internal and external security and medical device experts, rigorous development processes and current practices to enable security and usability," spokeswoman Erika Winkels said via e-mail.

The five Medtronic security alerts published this year involve vulnerabilities in machines that are supposed to communicate with patients' implanted heart devices, neurostimulators, or body-worn insulin pumps.

Compromising these external devices could theoretically allow a hacker with knowledge of the system and physical proximity to the patient to change software or functions in an implanted or body-worn device.

With the CareLink 2090, for example, Rios said in an e-mail, "we can modify the software on the pacemaker itself. We've reverse engineered that component for two different pacemaker systems."

His comments followed a demo he and Butts gave at the Black Hat USA conference in Las Vegas. They showed it's possible to create a fake software deployment network (SDN) that the CareLink 2090 believes is Medtronic's real SDN for software updates. The fake SDN then pushes code to the CareLink 2090 that allows the hacker to modify settings on a pacemaker implanted in a patient's chest.

The exploit was possible because of a weakness in the virtual private network (VPN) programming in the CareLink 2090, according to the security bulletin.

But saying that such a hack is possible in a controlled laboratory setting and executing it in the real world are different things, skeptics say.

A real-world hacker would likely have to compromise the hospital IT network that allows the CareLink 2090 to contact Medtronic via VPN, and then be physically close enough to the patient to place a wand on their chest, among other barriers.

Dr. Kevin Wheelan, the chief of staff at Baylor Scott & White Heart and Vascular Hospital in Dallas who has worked as an investigator on Medtronic clinical studies, said such risks seem remote.

"The combination of events that would be required are almost impossible to envision other than in a staged scenario where someone was trying to prove that possibility that could occur," Wheelan said. "None of us consider that a real-world clinical threat."

There has never been a documented successful attack on an implanted medical device intended to harm a real patient, though cybersecurity researchers say it would be very difficult to tell if such an attack has occurred.

Medtronic acknowledged to the Star Tribune earlier this year that it took too long to analyze the initial problems that were presented to the company regarding the CareLink 2090 programmer, which runs on the obsolete Windows XP operating system.

The company pledged at the time to speed up its process for evaluating and reporting risks to authorities. Since then, there have been four new advisories and an update to its original CareLink 2090 advisory.

Many medical device companies have had similar cybersecurity disclosures in recent years, including Abbott Laboratories, Baxter, Becton Dickison, Boston Scientific, GE, Johnson & Johnson, Philips, and Smiths Medical. The advisories are issued by the Homeland Security Department's Industrial Control Systems Cyber Emergency Response Team, in consultation with authorities including the Food and Drug Administration.

Last April, the FDA published an 18-page action plan on medical device safety that recommended manufacturers take a "proactive, risk-based approach to cybersecurity throughout a device's life cycle." The FDA is also considering forming a public-private partnership called the CyberMed Safety Analysis Board to help coordinate responses to digital vulnerabilities in medical devices.

Joe Carlson • 612-673-4779