Kevin Fu (associate prof at the UMass Amherst/director of the Medical Device Security Center) gave a Black Hat presentation in Vegas yesterday in which he demonstrated a way of remotely disabling a pacemaker, using open radio technology. It sounds like other implantable devices, like those used for auto-administering drugs, would also be vulnerable to the attack. The attack relies on the fact that the control protocol for these devices does not use any cryptographic security -- that sounds like it'd be easy enough to fix for future models. Not sure how you'd field-patch the 2.6 million devices that have already been... installed to date, though.
A computer acts as a control mechanism for programming the pacemaker so that it can be set to deal with a patient’s particular defribrillation needs. Pacemakers administer small shocks to the heart to restore a regular heartbeat. The devices have the ability to induce a fatal shock to a heart.
Fu and Halperin said they used a cheap $1,000 system to mimic the control mechanism. It included a software radio, GNU radio software, and other electronics. They could use that to eavesdrop on private data such as the identity of the patient, the doctor, the diagnosis, and the pacemaker instructions. They figured out how to control the pacemaker with their device.
“You can induce the test mode, drain the device battery, and turn off therapies,” Halperin said.
Translation: you can kill the patient.
Defcon: Excuse me while I turn off your pacemaker, Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses
The new Moto Razr is a handsome retro thing. At $1500, though, who wants a 6.2-inch foldable smartphone designed to resemble a classic flip-phone? The hinge design of the Moto Razr is probably the most interesting thing about it. The best Samsung can currently do in the foldables space is the Galaxy Fold, which, thanks […]
After years of poorly-received MacBook Pro models, Apple’s new sixteen-inch model has a lot riding on it.
Here’s an ad from Hikvision, the worlds’ largest security camera company, boasting of its products’ utility in detecting people’s ethnicity. James Vincent writes that it “speaks volumes about the brutal simplicity of the techno-surveillance state.” [via @CharlesRollet1, who points to an archived webpage that details the “Uyghur detection” feature]
If you’re doing any kind of data work, chances are you’re working in Excel. This venerable platform has evolved beyond its roots as a workhorse spreadsheet creator into an essential tool for data analysts and other high-level number crunchers. Want to brush up on this year’s version of the software? There’s no quicker way than […]
Does your computer gear need an upgrade? Don’t cross your fingers and wait for Christmas. You can get 15% off the final sale price of all these essential accessories now by using the online code BFSAVE15, including gaming mice and computer desks. Wireless Charging Mouse Pad Talk about a space saver. This high-quality mouse pad […]
WordPress is a fantastic tool for building web pages – if you know how to use it. Even with all the accessibility, a lot of the deeper features of WordPress are lost in translation to the average user. Enter WP Page Builder, a tool that not only makes WordPress site design easy but also more […]