Dr. William Maisel, whose team has already hacked into one machine, is now suggesting regulators and manufacturers to be more careful about the protection of such devices.
"This is not an important risk for patients right now. We just want the industry to be thoughtful about where we as a society are going with these devices," chicagotribune.com quoted Dr. Maisel as saying.
Working with colleagues from the University of Massachusetts at Amherst and the University of Washington, Maisel found that it was possible to alter an implantable defibrillator to deliver a dangerous shock or withhold a potentially lifesaving one.
Presenting their findings at a recent symposium on security and privacy in Oakland, the research team said that the electronic gear that could be put inside the human body was becoming more versatile and easier to operate from afar.
The Medical Device Security Center, a collaboration of researchers from three universities, ran tests that deduced how a particular defibrillator worked.
The information thus gained was used to hack the device from less than an inch away, with the aid of commercially available equipment.
The researchers said that their work indicated that an attacker could disrupt heartbeats, dangerously drain a battery, or even extract private medical information.
They, however, added that no case of malicious tampering with a device inside someone's body had been reported as yet.
The group suggests various strategies, including making implants better able to recognize unauthorized signals and capable of alerting patients to unwanted interference.