Aral Balkan

This is crazy: According to VentureBeat, "medical device security researchers have figured out how to turn off someone’s pacemaker via remote control."

What I found most worrying was this passage:

the devices have a built-in test mechanism which turns out to be a bug that can be exploited by hackers. There is no cryptographic key used to secure the wireless communication between the control device and the pacemaker.

The team can apparently turn off treatment wirelessly, thereby killing the patient.

The disclosure at Defcon wasn’t particularly detailed, though the paper has all of the information on the hack.

I find it unbelievable that a device as mission-critical as a pacemaker uses security through obscurity.

This should explode onto the mainstream news shortly.

Comments

• Pacemakers at the moment can contain information about the patient which can be accessed by hospitals and which can help identify the patient if they're not conscious after an accident or similar. If you were to encrypt all the information, you'd need to ensure that all the readers could decrypt the information in case of emergency, which would mean having separate keys for each pacemaker manufacturer. An interesting technical challenge : 1) prevent unauthorised sources from "tampering" with the settings of the pacemaker - i.e. bpm at which to fire etc 2) allow access to salient patient information to allow identity and serious allergy/patient records of importance to still be available 3) ensure that the lifetime of a pacemaker battery isn't impacted - 10 - 15 years is the current average

  by Jane on 2008-08-09 12:51:48

• @Jane: Separating the information from the controls and encrypting the controls should be the first step. There's a huge difference between being able to read someone's information and killing them. :) Data privacy is IMHO, relatively speaking, not that big a concern and could be left unencrypted in the short-term at least.

  by Aral on 2008-08-09 16:42:34

• That's incredibly stupid. Give the pacemaker a serial number and store the data just like all other medical data - in a database somewhere. Surely the data can then be kept updated as-well. As for turning the blinking thing off, add encryption as you say then store the key in the patients medical logs. I can't quite understand how this was not thought of during the design or even development stages.

  by Gareth Rodger on 2008-08-09 16:58:30

• Wow! I first thought you're kidding... I wonder how they will fix that... Bush doesn't happen to be wearing one of those? :p

  by Ronny on 2008-08-09 10:12:28

• While many would probably not die if their pacemakers were turned off. It's more there to help keep pace. Aid could probably be given to most in a timely fashion. Many pacemakers also have built in defibrillators to shock the heart if it stops. If one could hack such pacemakers and trigger the defib, that oculd very likely kill someone. Quite scary, but I've long suspected pacemakers to be a weakness. - The Saj

  by Jason The Saj on 2008-08-11 14:01:40