Fact or fiction? Hacker hit men can remotely murder through programmable insulin pumps

Summary: A health tech-related demonstration with chilling implications took place yesterday at the Black Hat Briefings.

Original image courtesy of Flickr user kirinqueen.

This week, serious hackers are gathering in Las Vegas to attend Def Con 19, which follows closely on the heels of the Black Hat Technical Security Training and Briefings.

A health tech-related demonstration with chilling implications that could have leapt right off the pages of a medical mystery thriller took place yesterday at the Black Hat event.

Imagine the following scenario: a Type I diabetic dies suddenly from an insulin overdose. Authorities assume that the pump was improperly programmed by the user, or that it malfunctioned. As the plot thickens and unfurls, it's discovered that a hacker hit man with a vendetta against the patient, or the pump manufacturer (or both) wirelessly hacked the device to deliver a lethal dose of insulin while sitting innocuously across the coffee shop from his unsuspecting victim, sipping a latte.

This scenario isn't as far-fetched as it might seem.

Presenter Jay Radcliffe demonstrated how a program he wrote can wirelessly disable (and send a number of other commands to) his own insulin pump. What kind of hard-to-get information was required in order to hack into god mode on the insulin pump keeping him alive? Just the serial number for the pump. That's it. No, I'm not kidding.

I mean, it would probably take some reasonable programming chops. Radcliffe, according to his LinkedIn profile, is a Cyber Threat Intelligence Analyst at IBM. It's ostensibly his job to identify vulnerabilities and target them for research purposes. But the reason he (and other experts like him) are doing that is because the bad guys are, too.

A recent ZDNet article pointed out how a popular Apple product ships with serial numbers and MAC addresses on the outside of the box. As many of the commenters pointed out, a lot of products now ship with their serial numbers printed on the outside of the packaging.

It is, therefore, not an unreasonable jump in logic to assume that an insulin pump might ship to a hospital with a serial number displayed on the outside of the box for all to see. It gives me the shivers.

We live in a world where there are double verification processes in place for just about everything. Even really stupid stuff. For example, today I had to click a link to confirm that it's really me wanting to sign up for a simple email newsletter about my favorite hobby, and not some other person trying to get me spammed with their newsletters.

Shouldn't there be some process by which the patient has to personally approve changes to such a powerful regulatory device, especially since it has been surgically implanted into him? Radcliffe thinks so. He also recommends password protection for the serial number.
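The weakness described above (commands accepted on knowledge of the serial number alone) next to one hardened alternative, as an added example that is not from the article or from Radcliffe's talk. The frame layout, command names, serial value, key and `confirm` callback are all constructed for illustration and do not represent any real pump protocol.

```python
import hashlib
import hmac
import struct

SERIAL = b"SN-000000"          # constructed placeholder; the kind of value printed on a box
DEVICE_KEY = bytes(range(32))  # constructed per-device secret set at pairing, never printed
TAG_LEN, CTR_LEN = 32, 8


def weak_accept(frame: bytes) -> bool:
    """Weak design: any sender that knows the serial number is obeyed."""
    serial, sep, command = frame.partition(b"|")
    return serial == SERIAL and sep == b"|" and len(command) > 0


def make_frame(key: bytes, serial: bytes, counter: int, command: bytes) -> bytes:
    """Controller side: serial || counter || command || HMAC-SHA256 tag."""
    body = serial + struct.pack(">Q", counter) + command
    return body + hmac.new(key, body, hashlib.sha256).digest()


class HardenedReceiver:
    """Device side: checks the tag, rejects replays, then asks the wearer."""

    def __init__(self, serial: bytes, key: bytes, confirm):
        self.serial, self.key = serial, key
        self.confirm = confirm      # hypothetical on-device approval prompt
        self.last_counter = 0

    def accept(self, frame: bytes) -> bool:
        header = len(self.serial) + CTR_LEN
        if len(frame) <= header + TAG_LEN:
            return False            # too short to hold a command
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return False            # sender does not hold the secret key
        if body[:len(self.serial)] != self.serial:
            return False
        (counter,) = struct.unpack(">Q", body[len(self.serial):header])
        if counter <= self.last_counter:
            return False            # replayed or stale frame
        self.last_counter = counter  # consume the counter even if declined
        return bool(self.confirm(body[header:]))
```

The serial number still addresses the device, but it no longer authorizes anything: acceptance depends on a secret that is not printed anywhere, a counter that defeats replay, and the wearer's own approval.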

Look, I'm not trying to scare any specific individuals here. People living with diabetes have enough to worry about. But I do kind of wish the manufacturers and decision makers in the medical industry would get scared enough to implement some kind of reasonable security measures on these types of devices.

Heck, I should think they'd be rushing to do it, if only to cover their own arses. They often appear to be uber concerned about their own liability in every other far-fetched way (sometimes to the detriment of the patients, in my opinion). It's time for them to get cracking on a solution for this issue and others like it.

Fact or fiction? Plausible. What do you think? Share your ideas in the TalkBacks below.

About

Denise Amrich is a Registered Nurse, the health care advisor for the U.S. Strategic Perspective Institute, and a mentor for the Virtual Campus at Florida's Brevard Community College.


Nothing in this article is meant to be a substitute for medical advice, and shouldn't be considered as such. If you are in need of medical help, please see your doctor.

Talkback

21 comments
  • RE: Fact or fiction? Hacker hit men can remotely murder through programmable insulin pumps

    The same fear applies to automobiles as they get more and more computer-y. Honestly, things like an insulin pump shouldn't even be reachable with a wireless device. I should have to plug a cable into it if I want to change stuff. Something vital like this should be walled off from the world.
    Aerowind
    • RE: Fact or fiction? Hacker hit men can remotely murder through programmable insulin pumps

      @Aerowind
      Inductive coupling should be used, non-invasive and no external exposed plug.
      partman1969@...
    • RE: Fact or fiction? Hacker hit men can remotely murder through programmable insulin pumps

      @Aerowind But on the other hand, the same individual in the coffee shop, if they failed to hack it, could just grab the insulin pump and beat you over the head with it. To really fear this requires one to believe that there's someone out there who wants to kill you and would do so within close proximity but only if they felt they wouldn't be caught. I mean, I leave the house without a bullet-proof vest every day because I have no reason to believe I'm going to be shot at. I still think it's more likely that I could get caught in the crossfire of a gunfight than that hackers may be plotting to sabotage medical equipment to kill me for no discernible reason.
      jgm@...
      • RE: Fact or fiction? Hacker hit men can remotely murder through programmable insulin pumps

        @jgm@...
        I think you'd find this a lot more remote than being in the same coffee shop. Hell, it could come from Taiwan or any part of China/Japan, from the US, and then circled back to the US to the victim. It's not the coffee shop being monitored, it's the online presence of the victim they look for. Could be a small task, even crossing the pond twice.
        tom@...
    • RE: Fact or fiction? Hacker hit men can remotely murder through programmable insulin pumps

      @Aerowind
      But when you consider the probable internet IQ of those making the things, it's not only understandable, but plausible that it WILL happen! There should be a compliance organization to check the security of such devices whether they're walled or not.
      WHO (what mfg) has any built in security and how far does it go?
      tom@...
  • RE: Fact or fiction? Hacker hit men can remotely murder through programmable insulin pumps

    For at least 10 years some insulin pumps have had the ability to respond to a wireless signal. This allows a bolus to be administered discreetly when the pump is on your person beneath garments and in a place you would not attempt to reach in public. The pumps usually beep in response to the remote signal and are limited in the amount of insulin that can be delivered at one time. Some newer pumps communicate with the user's meter or the user's Continuous Glucose Monitoring Device to control the basal insulin rates and boluses.

    I expect that the medical device manufacturers are paying attention to these developments and will be responding in a suitable manner. I expect that the medical safety standards will shortly require some hardening of the devices to protect the patients against bogus signals.
    David Wilson
  • Learn from Control Systems

    Medical and other newcomers to computerized control systems need to study very carefully the lessons learned from decades of SCADA and manufacturing control systems. Not that these are bulletproof -- Stuxnet, anyone? But, any facility/component that can do harm to the system of which it is a part needs to be locked down, with redundant safety elements built in.
    mdwalls
  • One would think the medical device industry would pay more attention now

    I bet you money though there are going to be no changes made to the design at all. What it will boil down to is will it cost more to implement security or settle a civil suit when someone is killed by a hacker.
    Str0b0
  • RE: Fact or fiction? Hacker hit men can remotely murder through programmable insulin pumps

    Tooooo Much CSI!! Have a cup of camomile and go to sleep!
    eargasm
  • RE: Fact or fiction? Hacker hit men can remotely murder through programmable insulin pumps

    Even if they get the message and make changes, what about all of the units that are already in use?
    These items are IMPLANTED, and I doubt that they can just have the controller program updated In-Situ.
    In that case, they would have to issue what amounts to a recall on all of these units, and not only pay for the replacement units, but would also likely have to pay for the surgery as well.
    So now we have the cost to re-engineer the devices, the cost for giving away replacements, the cost for replacement surgery, AND both the cost and hit to reputation for issuing the recall.
    Unless the FDA gets involved, I would bet against it.
    Let's face it, this IS a fairly unlikely scenario. I mean, unless this should be attempted by a cyber-terrorist or a really high tech mass murderer, willing to hit a minority of people that have a severe enough Diabetes problem that they require an Insulin pump, what are the chances?
    Even then, how would you prove it?
    Of course, if it DID happen and somebody DID prove it, then the fecal matter would truly hit the rotary air impeller.
    VBJackson
    • RE: Fact or fiction? Hacker hit men can remotely murder through programmable insulin pumps

      @VBJackson
      Insulin pumps are not surgically implanted.

      And while it may be possible to hack them wirelessly, I find this article to be nothing more than a feeble attempt at sensationalism written by someone with absolutely no understanding of Diabetes or insulin.

      Also, use of an insulin pump has nothing to do with severity of diabetes; there is not really any such thing as different severities of diabetes other than the distinction between type one and type two. In type one your body does not produce insulin; in type two your body has become resistant to the insulin it does produce. The vast majority of type two diabetics do not use insulin.

      An insulin pump is nothing more really than a mechanical syringe.

      And killing people with insulin despite the stuff you see in the movies is not really very effective.
      egnever
      • RE: Fact or fiction? Hacker hit men can remotely murder through programmable insulin pumps

        @egnever

        +1
        IgnorantBugger
  • RE: Fact or fiction? Hacker hit men can remotely murder through programmable insulin pumps

    On a slightly related note, has anyone seen Repo Men ?
    ;0
    JoeDrt
    • RE: Fact or fiction? Hacker hit men can remotely murder through programmable insulin pumps

      @JoeDrt
      Go away; your crap isn't what people are here to read!
      tom@...
  • RE: Fact or fiction? Hacker hit men can remotely murder through programmable insulin pumps

    The main flaw is using something that is fixed and unchangeable, and possibly printed on the product itself, as an authentication method. Stupid engineering decision!

    Almost the same as writing down your passwords on a post-it note stuck to your monitor :)
    wazpark
  • RE: Fact or fiction? Hacker hit men can remotely murder through programmable insulin pumps

    I can believe it easily enough.
    1. Dumbos in internet use are manning the coding machines.
    2. Those dumbos know from nothing to very little about security and do little to protect that machine. There are so many ways to accomplish that it's ridiculous. ANYTHING connected to the web is liable for jacking.

    For the perps, it's time to put them on the Fed wanted lists starting NOW for WANTED, Dead or Alive for Murder or attempted murder as the case may be. The perps' families will suffer but better them than the total innocents they kill or try to kill. I'll volunteer to be an executioner for those cases, in fact.
    tom@...
  • What's YOUR kid...

    What's YOUR kid doing with his computer?
    tom@...
  • That's nothing.

    I can hack a Roomba. The possibilities are endless...

    ;)
    SiO2
  • RE: Fact or fiction? Hacker hit men can remotely murder through programmable insulin pumps

    I agree with egnever.
    I am a type 1 diabetic and I don't use an insulin pump but my 13yo niece who is also T1 does [use a pump].
    In reality we both always carry a fair amount of glucose on our person because self administered overdose of insulin is pretty common. I often double-dose myself accidentally because I have somehow forgotten I injected 10mins previously...annoying! The reason I don't die when I do this is because I can feel the effects of the resultant low blood sugar and I react to that feeling by taking an amount of glucose in proportion to how "low" (low BGL - blood glucose level) I feel. If I am still feeling "low" 10 or 20 or 30mins later I keep taking more glucose.
    I also regularly go quite "low" when I am asleep at night and I always wake up and take glucose, if I somehow stayed asleep theoretically I could die but my body somehow makes me wake up... usually feeling a bit sub-par.
    So...I think it would be hard to give someone a big enough dose via the pump so they somehow bypassed the "awareness of being low" phase and became immediately unconscious...and it would still take a few hours to actually die...I think...and if you keeled over in a cafe someone would probably notice...except maybe in [insert big city name here]
    thatchman
  • Not just insulin pumps, but pace makers etc!

    One does not have to have "known enemies or reasons" to become a random target of opportunity by a deranged individual. Just being a U.S. citizen is enough to warrant a death sentence from some terrorists.
    kd5auq