Kevin Fu (associate prof at the UMass Amherst/director of the Medical Device Security Center) gave a Black Hat presentation in Vegas yesterday in which he demonstrated a way of remotely disabling a pacemaker, using open radio technology. It sounds like other implantable devices, like those used for auto-administering drugs, would also be vulnerable to the attack. The attack relies on the fact that the control protocol for these devices does not use any cryptographic security -- that sounds like it'd be easy enough to fix for future models. Not sure how you'd field-patch the 2.6 million devices that have already been... installed to date, though.
A computer acts as a control mechanism for programming the pacemaker so that it can be set to deal with a patient’s particular defribrillation needs. Pacemakers administer small shocks to the heart to restore a regular heartbeat. The devices have the ability to induce a fatal shock to a heart.
Fu and Halperin said they used a cheap $1,000 system to mimic the control mechanism. It included a software radio, GNU radio software, and other electronics. They could use that to eavesdrop on private data such as the identity of the patient, the doctor, the diagnosis, and the pacemaker instructions. They figured out how to control the pacemaker with their device.
“You can induce the test mode, drain the device battery, and turn off therapies,” Halperin said.
Translation: you can kill the patient.
Defcon: Excuse me while I turn off your pacemaker, Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses
Lex is a “wearable” chair, an apparatus that attaches to your thighs and waist.
First it was vinyl, then it was cassette tapes — now the latest old media that’s being praised for offering warmer, richer, higher-quality experiences?
Maria Farrell admits that comparing smartphones to abusive men (they try to keep you from friends and family, they make it hard to study or go to work, they constantly follow you and check up on you) might seem to trivialize domestic partner violence, but, as she points out, feminists have long been pointing out […]
When it comes to data analytics or deep learning, there’s one language behind the apps and algorithms that power the biggest companies of today: Python. The best part about this tool is that as versatile as it is, it’s actually fairly easy to learn. But mastery? For that, you need more than just a beginners’ […]
Your smartphone’s GPS is a modern necessity for some trips, but how do you use it safely? It’s been a problem ever since phones went mobile. A certain phone mount even shelled out the money for a commercial during the Big Game, so clearly there’s a market for the solution. Turns out there are a […]
There’s reading for pleasure, and then there’s reading for fuel; absorbing the great ideas in nonfiction books so you can apply them in your own life. In today’s hectic pace, it can be difficult to find the time to do that reading – especially for the entrepreneurs and professionals who can benefit the most from […]