Got room in your heart for a hacker?

Got room in your heart for a hacker?

Summary: I was looking over famed security researcher and cryptography expert Bruce Schneier's blog today and found an article on hacking medical devices.  I have to admit that I was surprised, but I shouldn't have been.

SHARE:
TOPICS: Security, Mobility
4

I was looking over famed security researcher and cryptography expert Bruce Schneier's blog today and found an article on hacking medical devices.  I have to admit that I was surprised, but I shouldn't have been.  These days, if you can build it, we can break it seems to be the theme.

Schneier references a New York Times article, which discusses research performed by a combination of researchers from Beth Israel Deaconess Medical Center, Harvard Medical School, the University of Massachusetts Amherst, and the University of Washington.  The article has one truly memorable quote:

The threat seems largely theoretical. But a team of computer security researchers plans to report Wednesday that it had been able to gain wireless access to a combination heart defibrillator and pacemaker.

They were able to reprogram it to shut down and to deliver jolts of electricity that would potentially be fatal — if the device had been in a person. In this case, the researcher were hacking into a device in a laboratory.

So, basically, using the device as a means to murder someone seems to be a potential exploitable vector. Also mentioned was the ability to steal user confidential data from the device as it transmits this data unencrypted.

Of course there were some caveats, such as proximity to the device, but a reasonable person would assume that some of these caveats could be bypassed.  Hopefully the companies involved with the production of these devices, as well as the medical community as a whole will realize security cannot be an afterthought. 

I don't think anyone is suggesting people don't get a pacemaker until these issues are fixed, but the research is a strong indicator we need to spend more time assessing the security of medical devices, systems, and facilities.

-Nate

Topics: Security, Mobility

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

4 comments
Log in or register to join the discussion
  • Potential for long-distance murder?

    Don't think that it'd be a far stretch to suggest that people could be murdered through the technology that's supposed to save them. We can only hope that we are not one of those people.
    jrodmel2007
    • RE: Long Distance Murder

      Yeah... this is what I was saying. One of the caveats was the
      proximity, but I mean, take wireless and bluetooth and what
      they've done to extend range of those tools. I'd imagine it
      could be done.

      -Nate
      nmcfeters
  • Castro would have been easier

    All you have to do is make him need a Pace Maker. Then the whole assassination thing would have been the simple click of the button.
    nucrash
    • RE: Castro

      Hahahahaha, nice. People are on the money this morning with the jokes!

      -Nate
      nmcfeters