Short-selling firm Muddy Waters said today that outside cybersecurity experts validated its claim that cardiac rhythm management devices made by St. Jude Medical (NYSE:STJ) are vulnerable to malicious hackers.
Muddy Waters and research firm MedSec Holdings, which both stand to gain financially from a decline in the price of STJ shares, 1st claimed in August that St. Jude’s Merlin@home remote patient monitoring system was vulnerable to hacking. Although St. Jude immediately denied the claims as completely false, its share price initially slid some -5% and is still off about -3% from its August 24 close; STJ shares were trading at $79.30 apiece today in mid-day activity, down -0.1%. Last week, in a release timed to coincide with St. Jude’s 3rd-quarter results announcement, the short seller posted a series of videos purporting to show cybersecurity vulnerabilities in the company’s cardiac rhythm management products.
St. Jude sued Muddy Waters, MedSec and their principals in September, accusing them of making false statements, false advertising, conspiracy and “the related manipulation of the public markets in connection with St. Jude Medical’s implantable cardiac management devices.” In its legal response to the lawsuit today, Muddy Waters included a report from a team led by outside consulting firm Bishop Fox that sought to repeat MedSec’s findings, “using only the technical details provided by MedSec” and St. Jude equipment provided by MedSec.
“My overall opinion regarding the security of the St. Jude Medical implantable cardiac device ecosystem is that the security measures I observed do not meet the security requirements of a system responsible for safeguarding life-sustaining equipment implanted in patients. In particular, the wireless protocol used for communication among St. Jude Medical cardiac devices has serious security vulnerabilities that make it possible to convert Merlin@home devices into weapons capable of disabling therapeutic care and delivering shocks to patients at distances of 10 feet, a range that could be extended using off-the-shelf parts to modify Merlin@home units. I found that Muddy Waters’ and MedSec’s statements regarding security issues in the St. Jude Medical implant ecosystem were, by and large, accurate,” wrote Carl Livitt, the Bishop Fox consultant who led the team.
St. Jude did not immediately respond to a request for comment.
The post Outside firm backs up short-seller’s claims against St. Jude Medical appeared first on MassDevice.
from MassDevice http://ift.tt/2e4eElP
Cap comentari:
Publica un comentari a l'entrada