Risk assessment of cyber-attacks on telemetry-enabled cardiac implantable electronic devices (CIED)
International Journal of Information Security (IF 2.4). Pub Date: 2020-10-07. DOI: 10.1007/s10207-020-00522-7
Mikaëla Ngamboé, Paul Berthier, Nader Ammari, Katia Dyrda, José M. Fernandez

Cardiac implantable electronic devices (CIED) are vulnerable to radio frequency (RF) cyber-attacks. In addition, CIED communicate with medical equipment whose telemetry capabilities and IP connectivity create new entry points that attackers may use. It is therefore crucial to perform a cybersecurity risk assessment of CIED and of the systems they rely on, in order to determine the gravity of threats, address the riskiest ones on a priority basis, and develop effective risk management plans. In this study, we carry out such a risk assessment according to the ISO/IEC 27005 standard and the NIST SP 800-30 guide. We employ a threat-oriented analytical approach and divide the analysis into three parts: an actor-based analysis to determine the impact of the attacks, a scenario-based analysis to measure the probability of occurrence of threats, and a combined analysis to identify the riskiest attack outcomes. The results show that vulnerabilities on the RF interface of CIED represent an acceptable risk, whereas the network and Internet connectivity of the systems they rely on represent an important potential risk. Further analysis reveals that the damage from these cyber-attacks could spread further, affecting manufacturers through intellectual property theft or physicians through harm to their reputation.
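The abstract describes a combined analysis in which an impact rating (from the actor-based analysis) and a likelihood rating (from the scenario-based analysis) are merged into a risk level and the scenarios are ranked. The following is an added example, not code or data from the paper: it implements that combination with a qualitative matrix modelled on the likelihood-by-impact table of NIST SP 800-30 Rev. 1 (the matrix is reproduced from memory and should be treated as an assumption), and the three scenarios, their ratings and the acceptability threshold are constructed illustrations rather than the paper's findings.

```python
"""Combined risk analysis: qualitative likelihood x impact -> risk level.

Added example; the matrix is an assumption modelled on NIST SP 800-30 Rev. 1,
and the scenarios below are constructed, not the paper's assessment.
"""
from dataclasses import dataclass
from typing import Dict, List, Tuple

# Ordinal scale shared by likelihood, impact and the resulting risk level.
LEVELS: List[str] = ["Very Low", "Low", "Moderate", "High", "Very High"]

# Rows are likelihood, columns are impact in LEVELS order.
# Assumption: reproduced from memory of NIST SP 800-30 Rev. 1, Table I-2.
RISK_MATRIX: Dict[str, List[str]] = {
    "Very High": ["Very Low", "Low", "Moderate", "High", "Very High"],
    "High":      ["Very Low", "Low", "Moderate", "High", "Very High"],
    "Moderate":  ["Very Low", "Low", "Moderate", "Moderate", "High"],
    "Low":       ["Very Low", "Low", "Low", "Low", "Moderate"],
    "Very Low":  ["Very Low", "Very Low", "Very Low", "Low", "Low"],
}


@dataclass(frozen=True)
class Scenario:
    """One threat scenario with the two ratings the combined analysis needs."""
    name: str
    impact: str       # result of the actor-based analysis
    likelihood: str   # result of the scenario-based analysis


def combine(likelihood: str, impact: str) -> str:
    """Look up the risk level for a likelihood/impact pair; reject unknown levels."""
    if likelihood not in RISK_MATRIX:
        raise ValueError(f"unknown likelihood level: {likelihood!r}")
    if impact not in LEVELS:
        raise ValueError(f"unknown impact level: {impact!r}")
    return RISK_MATRIX[likelihood][LEVELS.index(impact)]


def is_acceptable(risk: str, threshold: str = "Low") -> bool:
    """A risk is acceptable when it does not exceed the agreed threshold."""
    return LEVELS.index(risk) <= LEVELS.index(threshold)


def rank(scenarios: List[Scenario]) -> List[Tuple[Scenario, str]]:
    """Combine the ratings of every scenario and sort, riskiest first."""
    scored = [(s, combine(s.likelihood, s.impact)) for s in scenarios]
    return sorted(scored, key=lambda pair: LEVELS.index(pair[1]), reverse=True)


# Constructed scenarios (hypothetical ratings, not the paper's results).
SAMPLE_SCENARIOS: List[Scenario] = [
    Scenario("RF interface of the implant", impact="High", likelihood="Low"),
    Scenario("Network/Internet connectivity of supporting equipment",
             impact="High", likelihood="High"),
    Scenario("Physical access to clinic equipment", impact="Moderate",
             likelihood="Very Low"),
]


def prioritised_report(scenarios: List[Scenario] = SAMPLE_SCENARIOS) -> List[Tuple[str, str, bool]]:
    """Return (scenario name, risk level, acceptable?) in priority order."""
    return [(s.name, risk, is_acceptable(risk)) for s, risk in rank(scenarios)]


if __name__ == "__main__":
    for name, risk, ok in prioritised_report():
        print(f"{risk:<9} {'acceptable' if ok else 'needs treatment':<16} {name}")
```

The threshold passed to `is_acceptable` is where the risk-acceptance criterion from the ISO/IEC 27005 context-establishment step enters; changing it re-partitions the same ranked list without touching the ratings.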



Updated: 2020-10-07