Want to scan your crypto wallet for risks? Check: AML crypto BTC, USDT, ETH. Checking cryptocurrency wallets for dirty money.

Insulin Pumps Recalled After Hacking Vulnerability Revealed

Posted on by

After the U.S. Food and Drug Administration (FDA) expressed concern this week that some of its internet-connected insulin pumps are vulnerable to hacking and could not be patched, medical device manufacturer Medtronic Plc has announced that they would offer an exchange for the 4,000 patients who are reportedly using the vulnerable devices. If patients are using vulnerable out-of-warranty models, Medtronic is offering a newer replacement at a discounted price, and in-warranty models will be replaced free of charge.

The Medtronic insulin pumps in question work by regularly providing insulin to the patient with the help of a continuous glucose monitor (CGM), which uses Bluetooth to connect to a computer via a CareLink USB device. This system allows patients to remotely send the device commands and share data with their health care providers. These devices are part of an industry-wide push to connect medical devices to the internet (as part of the wider internet of things, or IoT) to allow more efficient and cost-effective communication between patients and providers.

While the exact nature of the insulin pump vulnerability is unclear at this time—neither the FDA nor Medtronic has disclosed any technical details—the danger from someone exploiting the vulnerability is very serious and could be potentially fatal. According to the FDA, “an unauthorized person (someone other than a patient, patient caregiver, or health care provider) could potentially connect wirelessly to a nearby MiniMed insulin pump with cybersecurity vulnerabilities. This person could change the pump’s settings to either over-deliver insulin to a patient, leading to low blood sugar (hypoglycemia), or stop insulin delivery, leading to high blood sugar and diabetic ketoacidosis.” In a letter to patients using one of the vulnerable pumps, Medtronic confirmed the potential danger, saying that “An unauthorized person with special technical skills and equipment could potentially connect wirelessly to a nearby insulin pump to change settings and control insulin delivery.”

Fortunately, there have not been any reported cases of anyone exploiting the vulnerability, but it is not the case of such an issue affecting these devices. In 2011, a security researcher was able to hijack nearby Medtronic insulin pumps, giving him the ability to deliver potentially fatal doses of insulin to patients within 300 feet. After the vulnerability was revealed, Medtronic released a statement saying that it was working to improve their devices’ security.

This March, it was also revealed that Medtronic’s connected pacemakers, clinic programmers and home monitors were also vulnerable to hacking. In that case, Dutch security researchers discovered the security flaws, which the company reportedly initially denied before the FDA began an investigation. The agency later issued a warning about the pacemakers, and Medtronic released a patch for the software. As with the insulin pumps, there were no reported cases of anyone taking advantage of the security flaw before the fix was implemented.

Speaking to CBS News after the March incident, the FDA’s Dr. Suzanne Schwartz said, “Any device can be hacked and that’s often not understood,” adding that companies are not prepared for this reality and that “we still have a ways to go.” This week, the FDA released a set of recommendations regarding the latest insulin pump vulnerability, including a suggestion to patients: “Talk to your health care provider about a prescription to switch to a model with more cybersecurity protection.”

Such cases highlight the continuing potential risks of internet-connected medical devices. As discussed in the recent Risk Management article “Diagnosis: Risk—The Product Liability Challenges of Diagnostic Health Tech,” cyber vulnerability is only one of the many challenges for manufacturers and users of connected medical devices. These devices—especially ones that provide medical diagnostic data—have scores of built-in product liabilities that could land their manufacturers (as well as any number of other companies in the devices’ chain of distribution) in legal trouble if something goes awry.

Beyond Pride: Building Strong Diversity and Inclusion Programs

Posted on by

Today, June 28, marks the 50th anniversary of the Stonewall riots, demonstrations widely considered the most formative event to formally start the fight for LGBTQ rights in New York City and the United States as a whole. As June comes to a close and the city begins celebrating World Pride this weekend, enterprises should be thinking about how to extend the spirit of Pride month and embrace the importance of diversity and inclusion. Long after companies have retired their rainbow logos, they still face increasing need to build and maintain meaningful policies and programs in practice.

Whether looking to start a formal diversity and inclusion initiative, review existing policies, or audit the efficacy of D&I programs, here are some key resources companies can use to build better workplaces for LGBTQ employees and the workforce at large:

RIMS has also been increasingly focused on diversity and inclusion initiatives for both members and the organization itself with Risk Management Magazine content, webinars and conference networking events. Special thanks to Joshua Lamangan, senior membership manager at RIMS, for sharing many of the resources above from his work leading the RIMS Diversity and Inclusion Task Force and Diversity and Inclusion Advisory Council.

Global Heat Waves Signal Climate Risks

Posted on by

India is currently suffering under a heat wave that has lasted over a month, with temperatures reaching a record 118 degrees Fahrenheit (48 degrees Celsius) in New Delhi on June 10 and 122 degrees (50 degrees Celsius) in the western city of Churu. The death toll has been estimated to be at least 36, though some sources put the number at more than 150. Europe is also preparing for its own massive heat wave this week, with temperatures expected to be 36 degrees Fahrenheit (20 degrees Celsius) higher than the seasonal average of 72 degrees (22 degrees Celsius).

This pattern of heat waves has become a yearly occurrence across the globe. Europe faced similar heat last year, as did Asia, with Japan experiencing record-breaking temperatures in 2018, which sent more than 71,000 to hospitals, killing 138. North America also saw extended higher temperatures in 2018, with 41 heat records across the United States, and heat-related deaths overwhelming Montreal’s city morgue.

Experts say that these global record-breaking incidents are the result of climate change, and likely forecast a new normal of dangerous summer heat.

buy tobrex online sinusys.com/email/img/jpg/tobrex.html no prescription pharmacy

According to Stefan Rahmstorf, co-chair of Earth System Analysis at the Potsdam Institute for Climate Research (PIK), “Monthly heat records all over the globe occur five times as often today as they would in a stable climate. This increase in heat extremes is just as predicted by climate science as a consequence of global warming caused by the increasing greenhouse gases from burning coal, oil and gas.

” French national meteorological service Météo-France echoed these concerns, saying that heat waves’ frequency “is expected to double by 2050.” And according to a 2017 study from The Lancet Planetary Health journal, the number of deaths resulting from weather-related disasters could skyrocket in the future, killing as many as 152,000 people each year between 2071 and 2100, more than 50 times greater than the average annual deaths from 1980 to 2010.

As Risk Management has previously reported, these changes are also already impacting business operations globally, with direct economic losses from climate-related disasters (including heat waves) increased 151% from 1998 to 2017, according to the United Nations Office for Disaster Risk Reduction. Heat waves have serious effects on business operations, impacting things like road conditions and agriculture, as well as workers’ health and safety. More than 15 million U.S. workers have jobs requiring time outdoors, and according to the World Bank, even for indoor workers, productivity declines by 2% per degree Celsius above room temperature.

Many countries have taken steps to mitigate the effects of heat waves on their populations. For example, since 2016, India has been providing shelter for homeless people, opening water stations for hydration, cutting building heat absorption by painting roofs white and imposing working hour changes, curfews and restrictions on outdoor activities. These efforts have successfully reduced heat-related deaths from more than 2,400 in 2015 to 250 in 2017.

The U.S. Environmental Protection Agency (EPA) recommends similar steps to the ones India is taking, as well as ensuring that energy and water systems are properly functioning, establishing hotlines for reporting cases of high-risk individuals and encouraging energy conservation to reduce the chances of overwhelming electric systems. The U.S. Occupational Safety and Health Administration (OSHA) recommends that employers and workers facing higher temperatures in the workplace pay close attention for the signs of heat stroke, and keep three words in mind: water, rest and shade.

While these on-the-ground measures can reduce the immediate effects on workers and vulnerable populations like the elderly, children and the homeless, PIK’s Rahmstorf warns that “Only rapidly reducing fossil fuel use and hence CO2 emissions can prevent a disastrous further increase of weather extremes linked to global heating.”