Got room in your heart for a hacker?

Summary:I was looking over famed security researcher and cryptography expert Bruce Schneier's blog today and found an article on hacking medical devices.  I have to admit that I was surprised, but I shouldn't have been.

I was looking over famed security researcher and cryptography expert Bruce Schneier's blog today and found an article on hacking medical devices.  I have to admit that I was surprised, but I shouldn't have been.  These days, if you can build it, we can break it seems to be the theme.

Schneier references a New York Times article, which discusses research performed by a combination of researchers from Beth Israel Deaconess Medical Center, Harvard Medical School, the University of Massachusetts Amherst, and the University of Washington.  The article has one truly memorable quote:

The threat seems largely theoretical. But a team of computer security researchers plans to report Wednesday that it had been able to gain wireless access to a combination heart defibrillator and pacemaker.

They were able to reprogram it to shut down and to deliver jolts of electricity that would potentially be fatal — if the device had been in a person. In this case, the researcher were hacking into a device in a laboratory.

So, basically, using the device as a means to murder someone seems to be a potential exploitable vector. Also mentioned was the ability to steal user confidential data from the device as it transmits this data unencrypted.

Of course there were some caveats, such as proximity to the device, but a reasonable person would assume that some of these caveats could be bypassed.  Hopefully the companies involved with the production of these devices, as well as the medical community as a whole will realize security cannot be an afterthought. 

I don't think anyone is suggesting people don't get a pacemaker until these issues are fixed, but the research is a strong indicator we need to spend more time assessing the security of medical devices, systems, and facilities.

-Nate

Topics: Security, Mobility

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.