[guide.chat] pacemakers can be switched off by hackers remotely
- From: vanessa <qwerty1234567a@xxxxxxxxx>
- To: "GUIDE CHAT" <guide.chat@xxxxxxxxxxxxx>
- Date: Tue, 10 Apr 2012 22:40:50 +0100
Hackers 'can gain access to medical implants and endanger patients' lives'
By CLAIRE BATES
PUBLISHED: 09:34, 10 April 2012 | UPDATED: 09:45, 10 April 2012
It may sound like the plot of a modern thriller movie, but security researchers
say many medical implants are vulnerable to cyber attacks that could endanger
their users' lives.
An increasing number of patients are being fitted with devices such as
pacemakers and insulin pumps to manage chronic conditions.
Vulnerable: Barnaby Jack shows how he can hack the insulin pump fixed inside a
mannequin using a laptop and antenna
An expert has now warned hackers could gain remote control of such implants
because they rely on unprotected wireless links to update them.
After gaining access to the device, a cyber criminal could then switch it off
or tell it to deliver a dangerous dose of medicine to the patient, potentially
killing them.
Researchers said although there hadn't been any known attacks to date, far more
work is needed to protect implants from malicious actions.
More...
Drug that can repair heart attack damage and trigger growth of healthy tissue
Barnaby Jack, an analyst at security firm McAfee, has revealed how he was able
to hijack a well-known make of insulin pump within two weeks by hacking its
radio signals using a small antenna. He was also able to disable security
alerts that warn the user something is awry.
He told the BBC: 'We can influence any pump within a 300ft range.
'We can make that pump dispense its entire 300 unit reservoir of insulin and we
can do that without requiring its ID number.'
An ordinary insulin dose would be five to 10 units after a meal to regulate
blood sugar. An entire cartridge would therefore spell deep trouble for the
patient.
One problem medical firms face is that the devices can't be updated at present
without being recalled, unlike laptops or mobiles that regularly receive
security updates.
'These are computers that are just as exploitable as your PC or Mac, but
they?re not looked at as often,' Mr Jack told Bloomberg last month.
'When you actually look at these devices, the security vulnerabilities are
quite shocking.'
Wireless: Pacemakers, as seen in this X-ray, could be switched off if
successfully hacked
Mr Jack said medical companies had shown a complete lack of foresight into how
vulnerable wireless medical devices could be.
However, the firm Medtronic, which produces one of the insulin pump models
hacked by Mr Jack, said it was doing 'everything it can' to address security
flaws.
'This is an evolution from having to think about security and safety as a
healthcare company, and really about keeping people safe on our therapy, to
this different question about keeping people safe around criminal or malicious
intent,' Catherine Szyman, president of Medtronic's diabetes division, said.
Researchers from the University of Massachusetts have been working on improving
the security of cardiac devices, since they discovered in 2008 that a
defibrillator could be reset by a hacker to deliver a shock that might prove
fatal.
Cybercriminals have yet to target medical implants, but researchers say this
could happen in the near future
In August last year, Professor Kevin Fu revealed they had created a wearable
'shield' device that can emit a jamming signal when an active attacker
establishes an unauthorised wireless link between a pacemaker and a remote
terminal.
If all broadcasting radio 'noise' on the implant frequency is blocked by a
jamming device, it prevents the doctor as well as an attacker from receiving
the data signals.
The 'shield' allows doctors to access the data but stops passive eavesdroppers
and active attackers.
While it doesn't jam all signals, Professor Fu said it could block a
sophisticated adversary until they were within five metres of a victim's
implant.
In the UK, the Medicines and Healthcare products Regulatory Authority (MHRA)
said they had yet to receive any reports of medical implant hacks.
'We closely monitor the safety and performances of all medical devices and take
action to ensure the safety of patients,' a spokesman said.
from
Vanessa The Google Girl.
my skype name is rainbowstar123
Other related posts:
- » [guide.chat] pacemakers can be switched off by hackers remotely - vanessa
