Pacemakers Can Be Hacked

By admin | Mar 13, 2008
If you are new here, you may want to subscribe to our feed.

Ok, put this one in the scary category.  You know, it’s one thing to have your website hacked or held for ransom.  It’s quit another story to have one’s pacemaker hacked, altered, and compromised.  The outcomes could be chilling.

The study was led by Tadayoshi Kohno of the University of Washington and Kevin Fu of the University of Massachusetts Amherst.  In their study, they describe reverse engineering recent wireless implanted cardioverter defibrillators, or ICDs.  These devices can provide heart information wirelessly.  What they found was that these devices could also be hacked and reprogrammed.  They demonstrated this by reprogramming the device to stop recording and deliver potentially lethal shocks.  Between 1990 and 2002, 2.6 million such devices were implanted into patients in the United States.

The researchers found that the ICD would send health information unencrypted.  That’s not good for starters.  They also found that the device would respond to unauthenticated devices - giving good grounds for a denial of service attack on the device.  That would render the device inoperable.  They didn’t test the range of the possible attack, which is something that is of definite interest.  If you have to be within very close proximity to pull off these attacks, then it’s much less of a concern than a 5 mile range.  The researchers pulled the hack off using commercial ICD programmers and a software radio.  It wouldn’t be hard for someone to pull this off.  Do implanted drug dispensers also have this type of interface?  That also would be scary.

The paper does outline some remediation techniques.



Related Posts:

Wordpress Hacked
Here's a news bulletin if you haven't seen it.  One of Wordpress' servers were hacked.  Code within the 2.1.1 release...

Chinese Hacked Pentagon in June
My oh my. I remembered seeing a blurb about issues in the Pentagon in June. At the time,...

WordPress Cross Site Scripting Vulnerability
Hats off to Ashish for this tip! It seems that the National Vulnerability Database is referencing a WordPress Cross...

Sweetbay Supermarket Servers Hacked
Well, here it comes again.  Hannaford Bros., Inc. issued a statement this week stating that hackers had made off with...

Why I Hacked My WEP Wireless Router
Part of securing your network must include looking at your wireless access points. Wireless access can be dangerous to your...
2 Comments so far
  1. ChrisM March 21, 2008 3:21 pm

    That is seriously scary. OK, the likelihood someone would wander around randomly looking for patients with this sort of pacemaker is hopefully slim, but the idea that big brother could zap you out so easily…

    btw, hope you don’t mind the suggestion, but a ’subscribe to comments’ type plugin might bring in return visitors.

  2. admin March 21, 2008 4:14 pm

    hey Chris, thanks for stopping by! ooops, i thought i had subscribe enabled. well, enabled now. don’t mind the suggestion at all ;^)

Leave a Comment

If you would like to make a comment, please fill out the form below.

Name (required)

Email (required)

Website

Comments

© 2007 PaulTech Network, - Daily Blog Tips Themes