Kevin Fu (associate prof at the UMass Amherst/director of the Medical Device Security Center) gave a Black Hat presentation in Vegas yesterday in which he demonstrated a way of remotely disabling a pacemaker, using open radio technology. It sounds like other implantable devices, like those used for auto-administering drugs, would also be vulnerable to the attack. The attack relies on the fact that the control protocol for these devices does not use any cryptographic security -- that sounds like it'd be easy enough to fix for future models. Not sure how you'd field-patch the 2.6 million devices that have already been... installed to date, though.
A computer acts as a control mechanism for programming the pacemaker so that it can be set to deal with a patient’s particular defribrillation needs. Pacemakers administer small shocks to the heart to restore a regular heartbeat. The devices have the ability to induce a fatal shock to a heart.
Fu and Halperin said they used a cheap $1,000 system to mimic the control mechanism. It included a software radio, GNU radio software, and other electronics. They could use that to eavesdrop on private data such as the identity of the patient, the doctor, the diagnosis, and the pacemaker instructions. They figured out how to control the pacemaker with their device.
“You can induce the test mode, drain the device battery, and turn off therapies,” Halperin said.
Translation: you can kill the patient.
Defcon: Excuse me while I turn off your pacemaker, Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses
“Welly, welly, well, to what do I owe the extreme pleasure of this ganjy gadget? What’s it going to be then, eh? There was me, that is Lexa, and my pelendus Pria, Georgina, and Dim, all sat in the So Milkbar with the package sent my way, safe of the rainy blacklight without. As everybody […]
The bookends ($79) are the clear winner here, but the robot hand tankard ($58) is pretty sweet too; they're made of painted resin (with a stainless steel insert in the tankard), pre-order now for July shipping. (via Geekologie)
I’d call it a spoiler, but you already know what’s coming: “As Seen On TV” garden gadgets are not much good, however ingenious they seem to be. Household Hacker picked up a few items and subjected them to tests. None were terrible or dangerous, but the gimmicks don’t really work — a trimmer that uses […]
If you’re into tools or gadgets, Memorial Day weekend is your Christmas. Take an extra 15% off the final price of these DIY accessories – all of which are already on sale – by entering the promo code WEEKEND15. LUXJET Universal 24-in-1 Magnetic Screwdriver Set & Repair Kit This small but sturdy kit won the […]
If you can build a cloud infrastructure, you can build a business. Companies are overwhelmingly turning to cloud computing to set up or bolster their network, and it’s easy to see why. It allows on-demand access to processing power, a la carte services, and nearly unlimited storage, all without adding extra systems and the maintenance […]
Does your gaming setup need an upgrade? No need to wait for Christmas. We’ve rounded up the latest tech accessories for your favorite video game platforms. All of them are already sale priced, but you can knock an additional 15% off the final price for Memorial Day by using the online code WEEKEND15. Audeze Mobius […]