Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Researcher Reverse-Engineers Pacemaker Transmitter To Deliver Deadly Shocks

Soulskill posted about 2 years ago | from the cheerful-news-of-the-day dept.

Security 216

Bismillah writes "Pacemakers seem to be hackable now too, if researcher Barnaby Jack is to be believed. And the consequences of that are deadly. Anonymous assassinations within 30 feet of the pacemaker seem to be possible. From the article: 'In a video demonstration, which Jack declined to release publicly because it may reveal the name of the manufacturer, he issued a series of 830 volt shocks to the pacemaker using a laptop. The pacemakers contained a "secret function" which could be used to activate all pacemakers and implantable cardioverter-defibrillators (ICDs) in a 30 foot -plus vicinity. ... In reverse-engineering the terminals – which communicate with the pacemakers – he discovered no obfuscation efforts and even found usernames and passwords for what appeared to be the manufacturer’s development server. That data could be used to load rogue firmware which could spread between pacemakers with the "potential to commit mass murder."'"

cancel ×

216 comments

Sorry! There are no comments related to the filter you selected.

Vulnerability in pacemaker firmware? (5, Funny)

DikSeaCup (767041) | about 2 years ago | (#41679777)

Shocking!

Re:Vulnerability in pacemaker firmware? (5, Funny)

dkleinsc (563838) | about 2 years ago | (#41679795)

I'm shocked, shocked!%N#)NO CARRIER

Re:Vulnerability in pacemaker firmware? (0)

Anonymous Coward | about 2 years ago | (#41680939)

I'm shocked, shocked!%N#)NO CARRIER

That is sooooooooooooo 1990s.

Re:Vulnerability in pacemaker firmware? (0)

Anonymous Coward | about 2 years ago | (#41679805)

Speaking of - can it be used as a makeshift defibrillator in case of a heart attack?

Re:Vulnerability in pacemaker firmware? (5, Informative)

durrr (1316311) | about 2 years ago | (#41679863)

There's pacemakers that only do the pacing.
There's ICDs; Implantable cardioverter-defibrillators that restores proper rythm after detecting arrythmias.
And there's combinations of the two. Most likely the pacemaker in question here is a combination device or they're actually talking about ICDs and not pacemakers.

A classic heart attack involves blocking of coronary arteries however and a defibrillator won't do shit for that. Defibrillations are made to terminate an arrythmic beat and restore the normal sinus rythm.

Re:Vulnerability in pacemaker firmware? (-1)

Anonymous Coward | about 2 years ago | (#41679879)

There's pacemakers that only do the pacing.
There's ICDs; Implantable cardioverter-defibrillators that restores proper rythm after detecting arrythmias.
And there's combinations of the two. Most likely the pacemaker in question here is a combination device or they're actually talking about ICDs and not pacemakers.

A classic heart attack involves blocking of coronary arteries however and a defibrillator won't do shit for that. Defibrillations are made to terminate an arrythmic beat and restore the normal sinus rythm.

Thanks for the medical synopsis here, although I'm not exactly sure how it has fuck-all to do with the topic at hand.

Does it really matter how the little black box caused your heart to stop, or is perhaps the more pressing issue is that someone can cause that remotely...hmm...

Re:Vulnerability in pacemaker firmware? (0)

Anonymous Coward | about 2 years ago | (#41679931)

I'm not exactly sure how it has fuck-all to do with the topic at hand.

It was a response to the question the parent asked. Try reading it.

Does it really matter how the little black box caused your heart to stop

Yes, it does.

Re:Vulnerability in pacemaker firmware? (1)

Anonymous Coward | about 2 years ago | (#41679943)

What if a person hits REBOOT, holds their breath, and has a lot of hope? Or am I just thinkin' like an ignorant redneck again?

Re:Vulnerability in pacemaker firmware? (3, Funny)

Anonymous Coward | about 2 years ago | (#41680387)

Remember to disable fsck on startup!

Re:Vulnerability in pacemaker firmware? (-1)

Anonymous Coward | about 2 years ago | (#41680669)

Plural, my friend. There "ARE" not "IS"...

Isn't it plain and obvious... (5, Insightful)

shiftless (410350) | about 2 years ago | (#41679901)

...the state of computer "engineering" is complete and utter shit if a fucking pacemaker can be hacked and compromised? What the mother fuck? Are you fucking kidding me? Shouldn't those be among the best designed, safest, most reliable and secure of devices? God help us all. Just wait until they drag us into this war with Iran here soon, and China and Russia decide to team up to end our bullshit and we end up descending into WW3.

Can you imagine the utter chaos in the U.S. when all our magic electronic boxes suddenly stop working, or worse, work silently behind our backs to sabotage and/or kill us? According to another /. article, it's 300+ days on average (sometimes years) between the finding of a typical "zero day" exploit and when it was actually found (kept hidden, and potentially exploited) by attackers. Who wants to bet money China and Russia both have teams of hackers dedicated to finding exploits for all common software and systems in the U.S., extensively documenting and writing code against them, nicely sorting and tabulating it all out and filing it away in an archive, then keeping this info close at hand at all times for when the right opportunity presents itself?

Right now we are more vulnerable than ever. Hands up: who here is looking forward to jumping into a world war with both feet, then being surprised by how much we don't know about our own security vulnerabilities, learning the hard way from powerful foreign countries that just might kick our asses, or at the very least cause massive damage (bombing, etc) to the mainland U.S.? We're learning now that pacemakers have huge gaping security holes. Holy fucking Christ. What else is out there waiting to be compromised and exploited?

Re:Isn't it plain and obvious... (4, Funny)

mwvdlee (775178) | about 2 years ago | (#41679925)

Holy fucking Christ. What else is out there waiting to be compromised and exploited?

Your sanity?

Re:Isn't it plain and obvious... (3)

thedonger (1317951) | about 2 years ago | (#41680369)

Shouldn't those be among the best designed, safest, most reliable and secure of devices?

I'm surprised they would allow remote access without a direct connection. It's vulnerable enough in that it relies on electronic timing and can be affected by external electromagnetic forces; but, to make it accessible via wireless/RF/whatever just seems like a bad idea through and though.

Re:Isn't it plain and obvious... (1)

pauljlucas (529435) | about 2 years ago | (#41680457)

I'm surprised they would allow remote access without a direct connection. It's vulnerable enough in that it relies on electronic timing and can be affected by external electromagnetic forces; but, to make it accessible via wireless/RF/whatever just seems like a bad idea through and though.

AFAIK, wireless access was designed in so doctors can tweak the settings without having to cut into the patient to make a wired connection.

Re:Isn't it plain and obvious... (1)

judoguy (534886) | about 2 years ago | (#41680703)

Direct connection is a BAD idea. How do you propose to do that? Anything that penetrates the skin, particularly with a direct cardiac connection is a huge infection vector. And yes, I used to work for a class III medical device manufacturer.

Re:Isn't it plain and obvious... (5, Funny)

MarkGriz (520778) | about 2 years ago | (#41680473)

utter shit if a fucking pacemaker
What the mother fuck?
Are you fucking kidding me?
end our bullshit and we end up descending into WW3.
work silently behind our backs to sabotage and/or kill us?
powerful foreign countries that just might kick our asses
Holy fucking Christ.

Ask your doctor if Xanax is right for you

Re:Isn't it plain and obvious... (1)

locofungus (179280) | about 2 years ago | (#41680779)

"...the state of computer "engineering" is complete and utter shit if a fucking pacemaker can be hacked and compromised?"

While I don't know the details of this, I don't think you can claim that computer "engineering" is complete and utter shit because it's possible to do bad things that will kill people.

The vast majority of cars have wheel nuts that are accessible and use a standard spanner to remove. This is a real threat - cars with expensive wheels now typically use locking wheel nuts - but what you don't (often) get is people removing wheel nuts or letting down tyres "because it's fun and I'm 'leet' "

In the UK in the late 80s and early 90s we did have a spate of high performance cars being stolen and "joy ridden". This lead to deaths, both of the "joyriders" and of innocent passers by. Modern cars are much harder to steal and this is no longer a significant problem. But nobody was claiming that the state of mechanical engineering was complete and utter shit because they didn't engineer their systems from day 1 to prevent this happening. What actually happened was that insurance companies required sophisticated immobilizers on these high performance cars. The buyers then started demanding this as default from the manufacturers and then the manufacturers added these more expensive engineering details.

Tim.

Re:Isn't it plain and obvious... (1)

dywolf (2673597) | about 2 years ago | (#41680829)

God help all those poor soldiers on the front lines with pacemakers.... ...

oh wait...

Re:Isn't it plain and obvious... (1)

cdrguru (88047) | about 2 years ago | (#41680885)

The clear answer is that security has been an afterthought and still is for the most part. There is also the rather idealistic notion that such things are utterly beneath humans to do. What we have found on the Internet is pretty much nothing is "beneath" humans. If someone can get away with doing some mischief, they might do it. If they can do it anonymously, it is almost a dead certainty someone is going to do it if for no other reason than for laughs or bragging rights.

We are clearly starting to see the dark underside of humanity. The Internet has allowed a huge amount of anonymous and pseudo-anonymous activity and this has pretty much turned over the rock so everyone can see the squishy, many-legged stuff that is buried in the human psyche.

No, I don't think there is any putting the genii back in the bottle. This pretty much means we are going to need a huge program to revise software with the first thought being "How can this be misused for fun and profit?" and the second being "Given infinite time, assume any security will be broken - so how do we keep this from being used in a harmful manner?" This means computers are going to get a lot harder to use and a lot of things that can't be automated in this environment will go back to manual systems or systems that require in-person, hands-on control.

Re:Vulnerability in pacemaker firmware? (0)

Anonymous Coward | about 2 years ago | (#41680327)

Bon Jovi said it best:

shock to the heart,
and you're to blame.
you give pacemakers,
a bad name.

Why are these approved? (5, Interesting)

Errol backfiring (1280012) | about 2 years ago | (#41679779)

... he discovered no obfuscation efforts and even found usernames and passwords ...

How come such pacemakers were ever approved by the FDA?

Re:Why are these approved? (3, Insightful)

Anonymous Coward | about 2 years ago | (#41679793)

Because the FDA doesn't care about security. It's not in their mission or charter, and they don't test for it. Hopefully with issues such as this, that issue will be rectified.

Re:Why are these approved? (5, Insightful)

Anonymous Coward | about 2 years ago | (#41679923)

Because the FDA doesn't care about security. It's not in their mission or charter, and they don't test for it. Hopefully with issues such as this, that issue will be rectified.

Uh, not their mission or charter? Care to tell me exactly what the fuck their mission and charter is, if it's somehow not trying to keep citizens safe from products produced by companies with crystal-clear motives (greed, profit), driven by executives with less-than-average morals?

Computer security may not specifically be their primary mission, but product security sure as hell is. And if it's not, then dismantle the whole damn organization, because clearly what the public thinks they do, and what they actually exist for, are two completely different things.

Re:Why are these approved? (2)

Errol backfiring (1280012) | about 2 years ago | (#41680091)

I worked for a company that does medical test (for the approval of new medicines) and there were quite a few rules for writing the software needed. This is "secondary" software in the sense that it only captures data and no life depends on it directly. I would expect unencrypted communication channels to prosthetics to be severely outlawed.

Re:Why are these approved? (0)

Anonymous Coward | about 2 years ago | (#41680183)

It is their mission and charter. Anything that passes through their corrupt and greedy little hands is supposed to be safe for use. As in, it can't cause cancer after use, or shock your heart into stopping or open garage doors everytime you drive down a street (look it up).

Re:Why are these approved? (2)

cdrguru (88047) | about 2 years ago | (#41680913)

It takes a real paranoid person to think that someone would "just for fun" want to hack into a pacemaker. We haven't gotten over the idea that people are generally good and nobody would want to do this, even if they could.

The truth is that if you could kill someone with a mouseclick, you might - I don't care who you are, that is just the way people are in reality. We have operated under the assumption that "nobody would do this" for far too long.

Re:Why are these approved? (0)

Anonymous Coward | about 2 years ago | (#41680985)

A good section of the Public probably thinks the FDA is responsible for keeping them away from the Cure for Cancer.

However, a better question is not asking about the overall purpose of the FDA, but the specific authorizations they receive for the regulation of medical devices.

And no, they are not empowered to make the kind of decisions you want, they are actually enjoined from doing so, because they're nothing but technocratic bureaucrats and that means they shouldn't be trusted with setting their own rules. Better let Congress do it...or better yet, the same companies that are trying to sell the products! Surely business will know what will serve the customer without getting in their way. Can't have overpowering regulations crushing entrepreneurs, now can we?

Re:Why are these approved? (1)

nurbles (801091) | about 2 years ago | (#41679799)

The left side of the bell curve strikes again?

Re:Why are these approved? (0)

Anonymous Coward | about 2 years ago | (#41679803)

The FDA cares only that you have a "quality process", and follow it. It doesn't actually care about the quality of the software that comes out of that process.

Re:Why are these approved? (0)

Anonymous Coward | about 2 years ago | (#41679959)

The extensive product safety testing is mostly black-box for medical hardware. If you don't have roaming hackers in the testing environment specifications, you're out of luck.

Re:Why are these approved? (0)

Anonymous Coward | about 2 years ago | (#41679997)

There are exceedingly strict regulations about the design of medical devices. The design must be formally qualified with models of reliability to provide a definite reliability figure during licensing. Software designs should, where possible, be formally (I.e. with mathematical logic) proven; as opposed merely to designed to a specification, tested and debugged.

Implacable medical devices also have critical energy requirements as batteries are not easily repelaceable. Any CPU cycles or logic circuits not essential for the device's primary function are highly undesirable.

It is not surprising that security has been omitted as it would be very expensive and degrade the performance of the device. Modern technology should, however, be more capable which may make such security measures easier.

Re:Why are these approved? (0)

netwarerip (2221204) | about 2 years ago | (#41680011)

Maybe because the F stands for food and the D stands for drug?

Re:Why are these approved? (1)

gstoddart (321705) | about 2 years ago | (#41680521)

Maybe because the F stands for food and the D stands for drug?

Except, medical devices of all kinds are supposed to go through some fairly rigorous hurdles before they can be approved by the FDA. Even more so for the implantable kind.

That this is actually possible means either someone didn't fully grasp the impact of being able to get into these things remotely, or went for a "security by obscurity" approach. (Yes, they do need to be remotely accessible by the doctors, but you'd think they'd need to be somewhat more secure than this.)

Re:Why are these approved? (1)

drinkypoo (153816) | about 2 years ago | (#41680717)

medical devices of all kinds are supposed to go through some fairly rigorous hurdles before they can be approved by the FDA. Even more so for the implantable kind.

They do, but it's [been] more stuff like "resistant to body fluids and sanitizing compounds" and "rubber covers for all ports to prevent short circuits with possible sparks if items are set down on a metal surface which may be near an open oxygen tap" than "secure cryptographically protected interfaces" or "maximum protection for patient data".

Re:Why are these approved? (5, Informative)

cultiv8 (1660093) | about 2 years ago | (#41680019)

This has been known since at least 2008 [secure-medicine.org] . The Economist has an interesting article about the FDA slowly moving towards open source medical devices [economist.com] to improve the overall security and reliability of software in medical devices.

Re:Why are these approved? (1)

Errol backfiring (1280012) | about 2 years ago | (#41680171)

Even the fact that an internal organ has or needs wireless capabilities baffles me. There are so many ways to abuse them! You can be tracked, for instance. Does Google have all the details of the pacemakers among the router data? Why not create a plug just under the skin so it is easily reached when needed? Wireless pacemakers literally are an unnecessary evil.

Re:Why are these approved? (2)

RobinH (124750) | about 2 years ago | (#41680259)

Actually the benefit of wireless is absolutely obvious: you can monitor battery levels, even update firmware in the event of a serious bug, without doing surgery, and without having wires protruding through the skin (which is itself a major infection risk).

Re:Why are these approved? (3, Insightful)

aXis100 (690904) | about 2 years ago | (#41680543)

Yeah, but there's a difference between short range wireless (several cm) and long range (10's of metres) that makes a huge difference to the possible attach vectors.

Re:Why are these approved? (1)

Rob the Bold (788862) | about 2 years ago | (#41680689)

Yeah, but there's a difference between short range wireless (several cm) and long range (10's of metres) that makes a huge difference to the possible attach vectors.

But since the attacker isn't worried about getting his hacked programming device approved, he's free to boost the amplifier and/or antenna gain on his end, or any other tweak he can come up with to increase the effective range.

Re:Why are these approved? (0)

Anonymous Coward | about 2 years ago | (#41680063)

They were told not to concern themselves with such things.

After all, elected officials know far better, the people picked them, whereas unelected bureaucrats, well, they just have fancy degrees.

Re:Why are these approved? (1)

gweihir (88907) | about 2 years ago | (#41680169)

The FDA is clueless, susceptible to coercion and no competent independent security review was ever done.

Re:Why are these approved? (0)

Anonymous Coward | about 2 years ago | (#41680343)

Because the people at the FDA are romantics at heart.

"baby, you have the username and password to my heart."

I'm shocked... (0)

AmiMoJo (196126) | about 2 years ago | (#41679791)

... by this shocking news! My heart nearly burst out of my chest I was so surprised!

Prank your family! (1)

Anonymous Coward | about 2 years ago | (#41679813)

... Reminds me of the TV-B-Gone.

Well I'm convinced it's true (1)

Anonymous Coward | about 2 years ago | (#41679823)

So pacemaker manufacturers put in mechanism for making 800 volt shocks? Some sort of huge capacitors? And they put this in just waiting for a security researcher to find?

Erm. Well I'm convinced! Must be true. Not some McGyver scenario at all.

"Established in 1998, IOActive is an industry leader that offers comprehensive computer security services with specializations in smart grid technologies, software assurance, and compliance. Boasting a well-rounded and diverse clientele, IOActive works with a majority of Global 500 companies including power and utility, game, hardware, retail, financial, media, travel, aerospace, healthcare, high-tech, social networking, and software development organizations. "

Re:Well I'm convinced it's true (-1)

Anonymous Coward | about 2 years ago | (#41680365)

What you're describing is an ICD, and many pacemakers manufactured in the last decade have included the design. No, it doesn't require "huge" capacitors. 800 volts is rather trivial to generate on-demand from even a tiny power source. I built a stun gun capable of generating 900,000 volts on-demand out of a few dollars worth of parts and a 9 volt battery, and it fits in the palm of your hand -- I assume that billion-dollar medical manufacturers can do a far sight better.

Re:Well I'm convinced it's true (4, Informative)

Hank the Lion (47086) | about 2 years ago | (#41681089)

I built a stun gun capable of generating 900,000 volts on-demand out of a few dollars worth of parts and a 9 volt battery, and it fits in the palm of your hand

900V or 9 kV I would believe, 900 kV not so much.
You would need creeping distances of more than 300 mm just to prevent arcing and making the voltage collapse before it even reached the 900 kV.
"900 kV" and "fits into the palm of your hand" are mutually exclusive, I think.
(and yes, I've designed and built multi-kV devices myself)

Function creep...? (1)

Horus1664 (692411) | about 2 years ago | (#41679827)

Why would a device such as a pacemaker, with what seems to be a simple and bounded function, require the facility to communicate with anything?

Re:Function creep...? (5, Informative)

richardcavell (694686) | about 2 years ago | (#41679845)

Cardiologists commonly communicate electronically with the pacemaker after its insertion to adjust numerous parameters of its function. The pacemaker can also deliver information to the cardiologist about its usage history, battery state, etc. (Doctor) Richard Cavell

Re:Function creep...? (4, Interesting)

kenh (9056) | about 2 years ago | (#41680017)

There is the other side of this - if the pacemaker was protected by a password, what if a cardiologist other than the one that installed it had to access/update/configure it? Either there would have to be a commonly-known access code (negating all attempts at securing the device) OR the doctor would have to contact the Mfg. or some central password authority to get the codes to access the device, and that might be an unacceptable delay in a life-or-death scenario.

Sure, you could ask patients to carry password cards OR tattoo the password on a body part if you really felt the need to password-protect the device.

Not so sure about one pacemaker updating another pacemaker, as the description mentions - does the pacemaker really have a strong enough transmitter to download a new firmware image onto another pacemaker in another body?

Re:Function creep...? (0)

Anonymous Coward | about 2 years ago | (#41680221)

[ 571254000.0 ] /dev/heart - shock capacitor 100%, battery 9.5%, fatal errors 0, physical failures: 0, memory failures: 50, mobility: 80%, patient may need replacing.

Re:Function creep...? (0)

Anonymous Coward | about 2 years ago | (#41679849)

less scalpels involved if you need to get data from the device or reconfigure it

Re:Function creep...? (0)

Anonymous Coward | about 2 years ago | (#41679907)

Probably to avoid surgery just to check its logs/battery level/performance/other issues with the patients harts that might be detectable with the pacemakers.

Re:Function creep...? (0)

Anonymous Coward | about 2 years ago | (#41680645)

Pacemakers aren't a "one-size-fits-all" device, every patient needs different programming, the ability to alter the pacemaker settings without having to remove it surgically from the patient is an absolute must. There's always fine tuning needed after being implanted, and diseases progress over time as well -- what is optimum today may not be tomorrow, so there must be a way to change the settings without having to open patients up at the drop of a hat.

My father was implanted one in august 2010 to help with his hypersensitive carotid sinus syndrome. Sometime in early september of that year he had an episode where he still fainted and fell (and hurt himself) because the pacemaker was operating on a less agressive setting than it should be. It was a matter of 5 minutes at the hospital to adjust the settings and thankfully it hasn't happened since. Imagine if he had to go under the knife again just to correct that, it would be pretty insane wouldn't it?

Also, for the first six months since he got it he was monitored every month, the pacemaker logs would be read to make sure everything was peachy, and the pacemaker tested to check that everything was working as it should (it generally involves speeding up the heart rate on demand up to 100 bpm for a few seconds and other self diagnose tests). For the six months after that he was monitored every other month, now he goes for a check twice a year. This would be impossible to do if the pacemaker wasn't able to communicate wirelessly with the monitoring equipment.

The equipment itself is kind of a loop looking device that is placed on the shoulder so that the loop itself is centered around the spot where the pacemaker is implanted under the skin. The rest looks like a portable dvd player. Everything fits inside a small briefcase.

Correction (1)

wonkey_monkey (2592601) | about 2 years ago | (#41679831)

a series of 830 volt shocks from the pacemaker

Boomers (0)

Anonymous Coward | about 2 years ago | (#41679835)

Boomers are pushing 70s now. Within the next 10yrs they are going to start dying of in droves anyway.

Re:Boomers (1)

dcw3 (649211) | about 2 years ago | (#41679891)

At 53, I'm still a boomer. Considering that I'm still out doing 5 mile runs, I suspect I have the potential to hang on a bit longer.

Re:Boomers (1)

jasper160 (2642717) | about 2 years ago | (#41679933)

You are minority unfortunately. Most people today, of all age brackets, are part of the XL generation.

Re:Boomers (1)

neyla (2455118) | about 2 years ago | (#41680871)

Not "most", but more than a third of americans are obese, yes. If the trend holds, it'll be "most" in another decade.

Re:Boomers (0)

Anonymous Coward | about 2 years ago | (#41679945)

"Pushing" means the top end, not the bottom end of the age range.

Re:Boomers (1)

vlm (69642) | about 2 years ago | (#41679949)

Considering that I'm still out doing 5 mile runs

Sadly, in the USA, that makes you a far right corner of the bell curve elite athlete.

I shit you not, I'm considered an "athlete" or "jock" at work because I take a 1+ mile walk every day as a portion of my lunch hour while everyone else in the 500 person building sits around and gets fatter at lunch time.

Re:Boomers (1)

aicrules (819392) | about 2 years ago | (#41679971)

Distance running can be one of the places where what appears to be a healthy person ends with a heart attack. Keep up the exercise, but definitely be sure to have regular check ups with your Doc.

Re:Boomers (0)

Anonymous Coward | about 2 years ago | (#41680005)

5 Miles is hardly distance running. More like a normal average persons twice a week light exercise. Then again, I don't live in the US.

Re:Boomers (1)

Urban Garlic (447282) | about 2 years ago | (#41680959)

If after 53 years you still haven't finished your 5-mile run, you may not be in especially good condition...

I think I understand the lack of security (2)

ndogg (158021) | about 2 years ago | (#41679837)

I'm sure the developer was thinking, "Who would even think of trying to hack a pacemaker? Who would even want to?"

Unfortunately, it only takes one sociopath.

Re:I think I understand the lack of security (1)

machine321 (458769) | about 2 years ago | (#41679915)

I'm sure the developer was thinking, "Who would even think of trying to hack a pacemaker? Who would even want to?"

Unfortunately, it only takes one sociopath.

Yeah, but there are a lot of developers are sociopaths. Fortunately one of the people who discovered this went public with the information.

Re:I think I understand the lack of security (1)

localman57 (1340533) | about 2 years ago | (#41679919)

Or just a common hacker who likes to mess with stuff. People have been finding ways to modify the ECM calibrations in cars for years, although until recently it hasn't been wireless capable.

So, Bobby, you're pretty good with the computers, right? Could you make the old ticker run a bit stronger for a while? Ya see, old man Johnson's been telling all the dames down at the retirement home all about how he keeps lapping me around the mall. I just need, you know, a little boost.

Re:I think I understand the lack of security (0)

Anonymous Coward | about 2 years ago | (#41679961)

I'm sure the developer was thinking, "Who would even think of trying to hack a pacemaker? Who would even want to?"

Unfortunately, it only takes one sociopath.

Really? I think the developer was doing nothing more than assuming that the lockdown of the device was the job of "someone" other than him.

Developers often work in far-less secure environments because security blockades can impair development. Security is usually that step that everyone assumes that "someone" will do...until shit like this happens, when everyone finally realizes "someone" isn't there, or was never hired/budgeted for in the first place.

Re:I think I understand the lack of security (1)

Intrepid imaginaut (1970940) | about 2 years ago | (#41679989)

No, sorry this is just completely insane. Under no circumstances should this have been possible, at all, ever. How many senior politicians and CEOs have pacemakers? Something sounds like it went very wrong in the engineering, development, or management departments, or maybe all three.

Re:I think I understand the lack of security (0)

Anonymous Coward | about 2 years ago | (#41680279)

It seems completely obvious that security simply was not part of their product development lifecycle. It makes sense that previous versions that did not accept outside information would not undergo some type of security auditing and without good corporate governance they would just iterate the development process.

Re:I think I understand the lack of security (1)

Errol backfiring (1280012) | about 2 years ago | (#41680191)

Unfortunately, it only takes one sociopath.

Or an advertising company (for tracking). Or a supermarket. Or...

Re:I think I understand the lack of security (2)

fph il quozientatore (971015) | about 2 years ago | (#41680397)

I'm sure the developer was thinking, "Who would even think of trying to hack a pacemaker? Who would even want to?" Unfortunately, it only takes one sociopath.

Think about intelligence agencies and secret service. The same people that already killed with Polonium poisoning in the past, for instance.
It's a very clean and safe way to dispose of someone after all: who can tell it from a real heart attack after the fact?

Re:I think I understand the lack of security (1)

skids (119237) | about 2 years ago | (#41681061)

Unfortunately, it only takes one sociopath.

...or one particularly loathsome patient.

Crank 3 (5, Funny)

revelation60 (2036940) | about 2 years ago | (#41679855)

Sounds like it could be the plot of the new Crank movie!

Extra-human capabilities, too? (1)

Anonymous Coward | about 2 years ago | (#41679909)

"potential to commit mass murder"

How about using the functionality to ENHANCE your heart? For example: increase heart rate in anticipation of race, even out heartbeat to beat a lie detector, etc. ?? I don't know enough about pacemakers / ICDs to know if they could have any extra-human capabilities ... Anyone?

Re:Extra-human capabilities, too? (0)

Anonymous Coward | about 2 years ago | (#41679973)

TFS says that a hack could spread from pacemaker to pacemaker - how the hell is that allowed? I can see a pacemaker being vulnerable to a remote control hack (not that they should be, but that security was forgotten), but who would make a pacemaker that was capable of talking out with enough power to reach another device at least 30 cm away? What usecase is there for this?

Re:Extra-human capabilities, too? (0)

Anonymous Coward | about 2 years ago | (#41680163)

Long distance disabling of the devices?

Re:Extra-human capabilities, too? (1)

Robert Zenz (1680268) | about 2 years ago | (#41679995)

I don't know enough about pacemakers / ICDs to know if they could have any extra-human capabilities ... Anyone?

"It's the sound of progress, my friend!"

Dick Cheney (3, Funny)

inode_buddha (576844) | about 2 years ago | (#41679941)

Dick Cheney has a pacemaker...

Re:Dick Cheney (0)

Anonymous Coward | about 2 years ago | (#41680053)

Then the world is saved, and all is good.

Re:Dick Cheney (1)

I_am_Jack (1116205) | about 2 years ago | (#41680131)

Dick Cheney has a pacemaker...

Had. He has a transplanted heart now.

Re:Dick Cheney (0)

Anonymous Coward | about 2 years ago | (#41680201)

Vampires don't need pacemakers they are dead already pffff

Re:Dick Cheney (0)

Anonymous Coward | about 2 years ago | (#41680383)

Cheney has a heart now? I heard he was interested in Aztec religion, and this explains it. I feel sorry for the donor obviously.
http://hereinliesomelies.blogspot.co.uk/2010/08/dick-cheney-confesses-he-is-incarnation.html

(message to FBI software; this is merely a bad taste joke and I apologize)

Re:Dick Cheney (1)

greylion3 (555507) | about 2 years ago | (#41680627)

Dang. I was going to start a bet about how long till Cheney bites it from a "malfunctioning" pacemaker.

On a side note; I've heard about organ recipients developing traits of their donors, so this might be a good thing.

Then again, bad news for whoever has their soul linked to Cheney until the ticker stops.

Death Panels (0, Troll)

tgd (2822) | about 2 years ago | (#41680041)

Well, automation brings efficiency. This will just make Obama's death panels all that much more efficient!

Just need to send a letter in the mail! "Dear Sir or Madam, Can you please ensure you are standing within 30 feet of your computer tomorrow morning at 8am."

Re:Death Panels (1)

azalin (67640) | about 2 years ago | (#41680743)

Why not built a circuit into the letter? Like those cards that play music once you open them.

Hmmm... sounds familiar (5, Informative)

StefanSavage (454543) | about 2 years ago | (#41680301)

Seems like this was demonstrated four years ago, no?

Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses.
D. Halperin, T.S. Heydt-Benjamin, B. Ransford, S.S. Clark, B. Defend, W. Morgan, K. Fu, T. Kohno, and W.H. Maisel.
IEEE Symposium on Security and Privacy, May 18-21, 2008.

See: http://www.secure-medicine.org/icd-study/icd-study.pdf [secure-medicine.org]

new super villian! (0)

Anonymous Coward | about 2 years ago | (#41680353)

this sounds like an awesome supervillian plot

I hope to see it in a comic book of movie very soon

Solution.... (5, Funny)

coinreturn (617535) | about 2 years ago | (#41680361)

Tin foil vest.

Assassins Creed 2020? (1)

Fookin (652988) | about 2 years ago | (#41680483)

Sounds like a fun mission or mini-game for a future Assassins Creed title. Maybe you invade a Templar nursing facility and need to kill them without being detected.

*Lock-on target*

*BZZZZ-BZZZZ*

"Requiescat in pace."

Herp Derp article author (5, Informative)

Smerta (1855348) | about 2 years ago | (#41680493)

(1) It was most likely an ICD (or pacemaker/ICD combination), not a pacemaker.

Pacemakers are used to establish a regular heartbeat (pacing) at a specific interval. Implantable Cardiac Defibrillators (ICDs) are used to deliver high-voltage shocks at a precise moment in time to stop an arrhythmia. Delivered at exactly the wrong time, this can induce an arrhythmia.

(2) "he issued a series of 830 volt shocks to the pacemaker using a laptop". Sorry pal, thanks for playing, hit the bricks, you're done. The ICD (not pacemaker) is the one issuing the shocks. At least the voltage level sounds about right. All of this starting from a ~3V battery too.

The wireless interfaces (telemetry) into pacemakers and ICDs are notoriously insecure, from all major device manufacturers. They are playing catch up now. Believe me, there is a lot of heartburn (no pun intended) in the ranks of corporate/executive management in the device companies when it comes to this topic.

A couple points worth remembering:

(1) These devices have very long lifetimes. The typical implant is expected to last 6-10 years (usually the battery is the limiting factor). So there are people walking around with devices in them with security problems from 10 years ago in some cases.

(2) It takes a tremendous amount of money to develop a new device in this class. All the testing, certification, trials, etc. The electronics and firmware are incredibly optimized for their specific function, the test suites are massive, the verification & validation processes are lengthy.

(3) Regarding (1) above about 10 year old firmware - essentially all devices support near-range telemetry, which allows a physician / tech within physical proximity (a few inches) to download logs about what events the device has seen / experienced. It also allows the device to be updated with firmware patches. Having been around this enough in different places, I'm pretty confident saying that it's always in the form of patches, as opposed to wholesale forklift updates.

Patches aren't just pushed out like Firefox releases, even the smallest one is a massive amount of effort -- even if the change is a one-line change in code. And more importantly, any patch requires the patient to visit the physician, the physician to be up to date on patches & warnings, etc.. I've seen data first-hand from 2 device manufacturers showing the distribution of devices & updates in the field, and believe me, not everyone is anywhere near up to date. Actually, it probably looks a lot like the Firefox version distribution...

Re:Herp Derp article author (1)

LeadSongDog (1120683) | about 2 years ago | (#41681105)

Any such device is developed in a company run by medical doctors, not security engineers. While they want to produce an excellent, robust product, they lack the requisite sense of paranoia to value secure implementations.

Besides, when your heart goes on the fritz, do you really want the doc to have to waste time researching login credentials?

Not all bad news (0)

Anonymous Coward | about 2 years ago | (#41680501)

Doesn't Dick Cheney have one of these?

Oh come on... (0)

Anonymous Coward | about 2 years ago | (#41680673)

I worked in Pacemaker and ICD design for a decade. All the devices that I saw required a high field strength magnet, generally built into the programming head, to be held with in 10 cm's of the implanted device during programming. The devices have reed switches/hall-effect sensors or the like built in to detect the magnetic field before unlocking the device for programming.

SImple fix (0)

Anonymous Coward | about 2 years ago | (#41680713)

Have a physical switch disable wireless access, or make its case a Faraday cage. A technician then just has to remove the cover when they have to interface with the device. Why complicate the software?

This means a whole new line of clothing (0)

Anonymous Coward | about 2 years ago | (#41680809)

Why just have one wire in your bra? Introducing the Faraday collection!

Love the fact that... (1)

AmIAnAi (975049) | about 2 years ago | (#41680903)

Love the fact that my targetted advertising at the top of the page was for defibshop.co.uk - "Need a defibrillator..."

In my head! (0)

Anonymous Coward | about 2 years ago | (#41680917)

This makes me a little paranoid. I've got a pace-maker type device delivering small amounts of voltage to two implants in my brain! Talk about messing with your head...

Gee Brain, what do you want to do tonight? (1)

s_p_oneil (795792) | about 2 years ago | (#41680919)

This sounds like a plot for an episode of Pinky and the Brain.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>