Kevin Fu (associate prof at the UMass Amherst/director of the Medical Device Security Center) gave a Black Hat presentation in Vegas yesterday in which he demonstrated a way of remotely disabling a pacemaker, using open radio technology. It sounds like other implantable devices, like those used for auto-administering drugs, would also be vulnerable to the attack. The attack relies on the fact that the control protocol for these devices does not use any cryptographic security -- that sounds like it'd be easy enough to fix for future models. Not sure how you'd field-patch the 2.6 million devices that have already been... installed to date, though.
A computer acts as a control mechanism for programming the pacemaker so that it can be set to deal with a patient’s particular defribrillation needs. Pacemakers administer small shocks to the heart to restore a regular heartbeat. The devices have the ability to induce a fatal shock to a heart.
Fu and Halperin said they used a cheap $1,000 system to mimic the control mechanism. It included a software radio, GNU radio software, and other electronics. They could use that to eavesdrop on private data such as the identity of the patient, the doctor, the diagnosis, and the pacemaker instructions. They figured out how to control the pacemaker with their device.
“You can induce the test mode, drain the device battery, and turn off therapies,” Halperin said.
Translation: you can kill the patient.
Defcon: Excuse me while I turn off your pacemaker, Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses
Justine Haupt made this handsome and completely functional rotary cellphone. Her design is open-source and you can even buy a case kit from her company, Sky’s Edge Robotics. You have to find and carefully modify your own rotary dial, though — they’re apparently no longer made — as well as a few other components. Why […]
Samsung claims to have developed an “Ultra Thin Glass” for its new Galaxy Z Flip foldable smartphone, signalling scratch resistance and durability beyond that of similar products. But tests conducted by Zack Nelson using a Mohs Hardness Testkit [Amazon] — a set of styluses made of different materials — show that it is no more […]
There is very little evidence that Ring reduces crime. Hundreds of police departments have signed agreements with Amazon-owned Ring to obtain access to the home surveillance camera footage. Interviews with many of them, in 8 different states, show little to no evidence that Ring actually deters criminal activity.
If you remember your Norse mythology (or just watched Marvel’s Thor movies), you’re probably familiar with Heimdal, the god whose ever-watchful eye was entrusted with protecting the home of the gods in Asgard. Back on Earth, Heimdal Thor is also the name of a security package from Heimdal Security, that’s actually dedicated to much the […]
Everyone’s got their nose in a phone these days, and that doesn’t seem like it’s going to change anytime soon. With the increase in mobile device and e-commerce reliance comes increased need for developers who can build the apps we’re all so glued to. In fact, employment of devs is expected to grow up to […]
Whether you love cooking at home or you swore this was going to be the year you curbed your DoorDash addiction, you know you can’t get the job done well without the proper tools on hand. For all your recipe and meal prep needs, this 3-piece Sukasu Osami Chef’s Knife set will do you right […]