From the May 2026 SoftwareCPR newsletter – an edited excerpt about cyberattacks:
Last month, we explained that cybersecurity monitoring is not optional extra work. It is a basic duty across the full life of a medical device. AI can help perform that monitoring effectively and efficiently.
That duty is becoming even more important as AI also becomes a threat. AI-driven cyberattacks have already begun. So far, victims have been few and often well known. Attack methods have also mostly matched the early stages of AI use.
That is changing. Anthropic’s recently announced Mythos model appears to be an enormous step forward in cyberattack capability. Early testing found that Mythos performed unexpectedly better at complex, multi-step attack simulations. Those gains were once thought to be further in the future. This indicates that highly capable AI-based attacks are no longer just a theory. Anthropic has limited access to Mythos for now, but that may not last forever. OpenAI has just announced a highly capable cyber model of their own. Other AI makers may release similar models.
These models change medical device cybersecurity in two major ways. They can:
- Speed up how fast attackers find, link, and use weaknesses.
- Raise the skill level of attacks much faster than expected.
That increases risk during both product development and real-world use. The answer is preparation before you become a target.
During development, manufacturers should strengthen secure-by-design practices for future releases. A Secure Product Development Framework is not only about meeting FDA and EU guidance. It is also a practical way to build cybersecurity into the development process. That includes strong threat modeling and architecture reviews “up front” in development. That way, protections can be designed in. Security processes will include third-party software oversight, automated vulnerability scanning, and adversarial testing.
Once products are in the field, speed will matter most. Manufacturers will likely need better telemetry from the products themselves to detect issues. Designs – especially software – should be patch-ready. Fast incident analysis and patch development/deployment will also be critical.
Do not wait until AI-driven threats threaten your products. Compare your development process against secure-by-design expectations and needs. Update your cybersecurity industry and postmarket monitoring plans ASAP.
