Three years ago an article in the New England Journal of Medicine reported that computer hackers could gain wireless access to implanted pacemakers and shut them off, or reprogram defibrillators to deliver fatal jolts of electricity. This generated an avalanche of press worldwide about the hidden risks of medical devices, followed by requisite hand-wringing from politicians and promises of stiffer regulations. For this and other reasons, makers of medical devices have been steadily increasing their focus on security. They realize that the threat is far broader than a hacked ICD. Embedded software is part of everything from CT scanners to imaging systems to intensive-care ventilators. And the fact is, the rapid growth in the number, the intelligence, and the interconnectedness of medical devices has created an upward spiral in security threats.