St. Jude kanye nokulimala kwe-Cyber kwamadivayisi wezokwelapha
Ekupheleni kuka-2016 nakusasa ngo-2017, imibiko yezindaba yaphakamisa ukuthi abantu abanezinhloso ezimbi bangase badonsa idivaysi yezokwelapha ezingasetshenziswa futhi babangele izinkinga ezinkulu. Ngokucacile, amadivaysi okukhulunywa ngawo athengiswa nguSt. Jude Medical, Inc., futhi afaka ama- pacemakers ( aphethe isisindo se-bradycardia ne- block block ), ama- defibrillators angenawo (i-ICDs) ( okuphatha i-ventricular tachycardia ne- ventricular fibrillation ), namadivayisi we-CRT ( aphathe ukuhluleka kwenhliziyo ).
Lezi zimbiko zemibiko kungenzeka ukuthi zaphakamisa ukwesaba phakathi kwabantu abanamadivayisi wezokwelapha ngaphandle kokubeka umbono owanele.
Ingabe amadivaysi enhliziyo afakwe engozini yokuhlaselwa kwe-cyber? Yebo, ngoba noma iyiphi idivaysi yedijithali efaka ukuxhumana okungenazintambo okungenani iyingozi, kubandakanya ama-pacemaker, ama-ICD namadivayisi we-CRT. Kodwa kuze kube manje, ukuhlaselwa kwe-cyber yangempela kunoma iyiphi yalezi zixhobo ezifakiwe kungakaze kubhalwe phansi. Futhi (ngiyabonga ngokuyinhloko ememezweni yamuva mayelana nokukhwabanisa, kokubili amadivaysi ezempilo kanye nezombusazwe), i-FDA kanye nabakhiqizi bezinsimbi manje basebenzela kanzima ukuhlanganisa noma yikuphi ukukhubazeka okunjalo.
St Jude Jude Devices Cardiac and Hacking
Le ndaba yaqala ngo-Agasti, ngo-2016 ngesikhathi i-Carson Block ebizwa ngokuthi i-short-seller yamemezela esidlangalaleni ukuthi uSt. Jude wayedayise ngamakhulu ezinkulungwane zamaphimakers, abakwa-defibrillators nama-CRT abesebenzi kakhulu.
UBlock uthe inkampani ye-cybersecurity eyayibambisene naye (MedSec Holdings, Inc.), yenze uphenyo olujulile futhi ithola ukuthi amadivayisi eSt Jude ayengozini yokuhlukunyezwa (ngokungafani nezinhlobo ezifanayo zamadivayisi wezokwelapha adayiswa yi-Medtronic, IBoston Scientific, nezinye izinkampani).
Ngokuyinhloko, kusho i-Block, amasistimu e-St. Jude "ayenakho ngisho nokuvikela okuyisisekelo okuyisisekelo," njengamadivaysi okudambisa, ukubethela, namathuluzi okulwa nokuhlukumeza, uhlobo olusetshenziswa kakhulu embonini yonke.
Ukubekwa kwesimo okusolakala ukuthi kuhlobene nokuqapha, ukuqapha okungenazintambo kuzo zonke lezi zixhobo ezakhele kuzo. Lezi zinhlelo zokuqapha ezingenazintambo zenzelwe ukuzitholela ngokuzenzakalelayo izinkinga zedivayisi ezikhulayo ngaphambi kokuba zidale ukulimala, futhi zixoxisane nalezi zinkinga ngokushesha kudokotela. Lesi sici sokuqapha esikude, esisebenza manje yibo bonke abakhiqizi bedivayisi, siye sabhalwa ukuze kuthuthukiswe kakhulu ukuphepha kweziguli ezinale mikhiqizo. Uhlelo lokuqapha olude oluvela eSt. Jude lubizwa ngokuthi i- "Merlin.net."
Izigameko zeBlock zihle kakhulu futhi zenze ukuba kube khona ukwehla okusheshayo esitokisini samasheya eSt Jude-okuyiyona nto eyayihlose iBlock. Inothi, ngaphambi kokwenza izinsolo zakhe ngeSt. Jude, inkampani kaBlock (Muddy Waters, LLC), yayithathe isikhundla esifushane eSt. Jude. Lokhu kwakusho ukuthi inkampani ye-Block yayizokwenza izigidi zamaRandi uma isitokisi saSt. Jude sithinta kakhulu, futhi sahlala silinganiselwe ngokwanele ukuze sibheke ukuthengwa okuvunyelwene ngakho ngu-Abbott Labs.
Ngemuva kokuhlaselwa kahle kweBlock, uSt Jude washeshe waxoshwa ngokushicilelwa okushiwo ngokuqinile ukuthi izinsolo zikaBlock "aziyiqiniso neze." USud Jude uphinde wamangalela uMaddy Waters, LLC ngokusobala ukuthi usakaza ulwazi lwamanga ukuze asebenzise uSt Jude izintengo zamasheya. Phakathi naleso sikhathi, abaphenyi abazimele babheka umbuzo waseSt. St Jude futhi bafika eziphethweni ezahlukene. Iqembu elilodwa liqinisekisile ukuthi amadivayisi kaSt. Jude ayebhekeleke kakhulu ekuhlaselweni kwe-cyber; elinye iqembu laphetha ukuthi babengekho. Yonke le nkinga yahlaselwa emgqeni we-FDA, owaqala uphenyo olunamandla, futhi kancane kancane kwazwakala ngale ndaba izinyanga ezimbalwa.
Phakathi naleso sikhathi isitoreji saseSt. Jude sathola okuningi kokulahlekelwa kwayo, futhi ekupheleni kuka-2016 ukuthengwa kuka-Abbott kwaphetha ngempumelelo.
Kwathi ngoJanuwari, 2017, izinto ezimbili zenzeka ngesikhathi esisodwa. Okokuqala, i-FDA yakhipha isitatimende esibonisa ukuthi kwakukhona izinkinga zokuphepha kwe-cybersecurity namadivayisi wezokwelapha aseSt. Jude, futhi ukuthi lokhu kubungozi kungavumela ngempela ukungenwa kwe-cyber kanye nokuxhaphazwa okungase kubonakale kulimaza iziguli. Kodwa-ke, i-FDA ikhombise ukuthi akukho bufakazi obutholiwe ukuthi ukukhwabanisa kwakwenziwe ngempela kunoma yimuphi umuntu.
Okwesibili, uSt. Jude uvule i-software ye-cybersecurity patch eyenzelwe ukunciphisa kakhulu amathuba okufaka amadivaysi angenawo. I-patch yesofthiwe yenzelwe ukuzifaka ngokwayo ngokuzenzekelayo nangokungenantambo, ku-Merlin.net yakwaSt. Jude. I-FDA ikhuthaze ukuthi iziguli ezinamadivayisi aqhubeke nokusebenzisa uhlelo lokuqapha olungenazintambo zikaSt Jude, ngoba "izinzuzo zezempilo ezigulini ezivela ekusetshenzisweni okuqhubekayo kwedivayisi zidlula izingozi ze-cybersecurity."
Lokho Kusishiya Kuphi?
Lokhu okushiwo ngenhla kufana kakhulu kuchaza amaqiniso njengoba thina emphakathini uyabazi. Njengomuntu ohileleke kakhulu ekuthuthukiseni uhlelo lokuqala lokuqapha olukude (hhayi iSt. Jude), ngikuhumusha konke ngale ndlela elandelayo: Kubonakala sengathi kukhona ukukhubazeka kwe-cybersecurity ohlelweni lokuqapha elisuka eSt Jude , futhi lezi zingozi zibonakala zingekho ezijwayelekile embonini enkulu. (Ngakho-ke, ukuphika kokuqala kukaSt. Jude kubonakala sengathi kuye kwanyanyiswa.)
Ngaphezu kwalokho, kusobala ukuthi uSt. Jude wahamba ngokushesha ukuze akwazi ukulungisa lesi sengozini, esebenza ngokubambisana ne-FDA, nokuthi lezi zinyathelo zagcina zithinteka yi-FDA. Eqinisweni, ekwahlulela ngokubambisana kwe-FDA nokuthi iqiniso lokuthi ukubhekelwa kwengozi kwakucatshangwa ngokwanele ngokusebenzisa i-software patch, inkinga kaSt. Jude ibonakala ingacindezeli njengoba kwashiwo uMnu. Block ngo-2016. ( Ngakho-ke, izitatimende zokuqala zikaMnu. Block kubonakala sengathi zenziwe ngokweqile). Ngaphezu kwalokho, kwenziwa izilungiso ngaphambi kokuba noma ubani ahlukunyezwe.
Kungakhathaliseki ukuthi ukuphikisana kukaMnuz Block kuka-intanethi (lapho ukushayela phansi iSt Jude's stock price kwaze kwaba yilapho kukhishwa khona imali enkulu), kungenzeka ukuthi kuye kwaholela ekubhekiseni izingozi ezingase zenzeke nge-cyber imisindo kungenzeka, kodwa lokhu kungumbuzo wokuthi izinkantolo zomthetho zinqume .
Njengamanje kubonakala sengathi, lapho kusetshenziswe i-software patch yokulungisa, abantu abanezici zaseSt. Jude abanaso isizathu esithile sokukhathazeka ngokweqile ngokuhlaselwa kokuhlaselwa.
Kungani Amadivaysi E-Cardiac Implantable Awulimaza Ukuhlasela Kwama-Cyber?
Okwamanje iningi lethu liyaqaphela ukuthi noma yimuphi umshini wedijithali esisisebenzisayo ekuphileni kwethu okubandakanya ukuxhumana okungenantambo okungenani kunengozi yokungena kwi-cyberattack. Lokho kuhlanganisa noma yikuphi idivayisi yezokwelapha engasetshenziselwa, konke okumele kukhulume ngaphandle kwezwe (okungukuthi, umhlaba ngaphandle komzimba).
Ukuthi kungenzeka ukuthi abantu noma amaqembu abambelele ebubini bangase badonwe kumadivayisi wezokwelapha, eminyakeni embalwa edlule, ibonakala sengathi iyingozi enkulu yangempela. Ngalokhu kukhanya, ukukhangisa okuzungeze ukuhlukunyezwa kukaSt. UJude kungenzeka kube nethonya elihle. Kuyacaca ukuthi kokubili imboni yezokwelapha kanye ne-FDA manje iyingozi kakhulu ngalokhu kusongela, futhi manje isebenza ngamandla amakhulu okuyihlangabeza.
Yini i-FDA Eyenza Ngenkinga?
Ukuqaphela kwe-FDA kuye kwagxila kulokhu, cishe ikakhulukazi ngenxa yokuphikisana kwamadivayisi aseSt. Jude. Ngenyanga kaDisemba, 2016 i-FDA yakhipha incwadi engu-30 ethi "isiqondiso" kubakhiqizi bamadivayisi wezokwelapha, ibeka imithetho emisha yokubhekana nokukhubazeka kwe-cyber kumadivayisi wezokwelapha asevele emakethe. (Imithetho efanayo yemikhiqizo yezokwelapha eqhubeka nokuthuthukiswa yanyatheliswa ngo-2014.) Imithetho emisha ichaza ukuthi abakhiqizi kufanele bahambe kanjani ngokukhomba nokulungisa ukukhubazeka kwe-cybersecurity kwimikhiqizo ebekwe emakethe, nokuthi bangasungula kanjani izinhlelo zokukhomba nokubika izinkinga ezintsha zokuphepha.
Okubalulekile
Ngenxa yokuthi izingozi ze-cyber zihambisana naso nanoma yisiphi isimiso sokuxhumana esingenazintambo, izinga elithile le-cyber vulnerability alinakugwema ngamadivaysi ezokwelapha asetshenziselwa. Kodwa kubalulekile ukwazi ukuthi ukuzivikela kungakhiwa kule mikhiqizo ukwenza ukukhwabanisa nje kungenzeka, ngisho noMnu. Block uyavuma ukuthi ezinkampanini eziningi lokhu kwenzekile. Uma uSt Jude eseke ahlasele mayelana nalolu daba, inkampani ibonakala iphilisiwe ngayo ngokusakaza okungalungile abawutholile ngo-2016, okwathi okwesikhashana babesongela kakhulu ibhizinisi labo. Phakathi kwezinye izinto, uSt. Jude uye wathumela i-Cyber Security Medical Advisory Board ukuba iqondise imizamo yayo iya phambili. Ezinye izinkampani zedivayisi yezokwelapha cishe zilandela i-suit. Ngakho-ke, kokubili i-FDA kanye nabakhiqizi bedivaysi yezokwelapha baxazulula inkinga ngokuqina okukhulu.
Abantu abafake ama-pacemakers, ama-ICD noma ama-CRT amadivayisi kufanele aqaphele ukukhathazeka kwe-cyber, njengoba singase sizwe kabanzi mayelana naso njengoba isikhathi sihamba. Kodwa okwamanje, ingozi ibonakala iyinto encane kakhulu, futhi impela ingaphezu kwezinzuzo zokuqapha idivayisi kude.
> Imithombo:
> FDA. Ukuhlukunyezwa kwe-Cybersecurity Kukhonjiswe kumadivayisi weCardic Medical Implantable Devices kanye ne-Merlin @ Home Transmitter: FDA Communication Communication. NgoJanuwari 9, 2017.
> I-Muddy Waters. I-MW Isitatimende ku-STJ / ABT Ukubonga kwe-Cyber Vulnerabilities. Ukushicilelwa kwezindaba ngoJanuwari 9, 2017.
> I-Jude Jude Medical. I-St Jude Medical iyamemezela ukukhululwa kwe-Cybersecurity Updates. NgoJanuwari 9, 2017.