Contemporary healthcare has witnessed a wide deployment of Implantable Cardioverter Defibrillators (ICDs), which have the capability to be controlled remotely, making them equally accessible from both home and hospitals. The therapeutic benefits of ICDs seem to outweigh potential security concerns, yet overlooking the presence of malicious attacks cannot be justified. This study investigates the scenario where an adversary falsifies a controller command and sends instructions to issue high electric shocks in succession. We propose a novel security hardening mechanism to protect data communications between ICD and controller from malicious data manipulations. Our proposed method verifies the correctness of an external command with respect to the history of heart rhythms. The proposed method is evaluated using real data. Multi-aspect analyses show the effectiveness of the proposed scheme.