Hacking a Pacemaker

jonkman sean writes "University researchers conducted research into how they can gain wireless access to pacemakers, hacking them. They will be presenting their findings at the "Attacks" session of the 2008 IEEE Symposium on Security and Privacy. Their previous work (PDF) noted that over 250,000 implantable cardiac defibrillators are installed in patients each year. This subject was first raised along with similar issues as a credible security risk in Gadi Evron's CCC Camp 2007 lecture "hacking the bionic man"."

Re:Bionic eye

[tsa]

Believe me, you really want the thing to be programmable. They have to try a few settings to find oujt which makes you feel good, and if/when your body changes they can adjust the pacemaker accordingly. Modern pacemakers are marvellous pieces of technology that can give you your life back as long as you program them well!

Re:Don't fear.... much

[NIckGorton]

I'm not so sure about that (speaking as an ER physician who would generally be the one saying WTF is the password???)

In the worst case scenarios, either 1) put a donut magnet over it and it can be stopped or 2) give me a scalpel and 30 seconds and I can cut the leads, and then we can externally pace and/or defibrillate the person.

So I am not sure that the risk of being password protected would outweigh the risk of not being password protected. I'd want mine password protected, then put the password on a medic-alert bracelet that I wear.

Re:Ah, the smart-arse non-sequiturs

[I_Love_Pocky!]

I appreciate your enthusiasm, but thank god you aren't designing these devices. I work for one of the competitors to Medtronic (the company whose devices were studied). We have encryption in our RF communication. We DO take security into consideration, but there are trade offs that have to be considered. Battery life is generally the most important consideration. Every time surgery needs to be performed to physically access the device (usually because of a depleted battery) there is a risk of complications. These aren't insignificant risks either. Keep in mind the people getting these devices have health problems of some sort or they wouldn't be getting them. With that in mind, security solutions in this domain have to be very well thought out so as to avoid draining the battery significantly. So please, don't for a second presume that we are a bunch of monkeys sitting around on our asses ignoring real concerns. The real issue is that there are far more concerns than you are aware of. We do evaluate these concerns and try to build the best devices possible with the fewest compromises.

Re:Bionic eye

[Beardo+the+Bearded]

Ah, finally, someone understands something! Most programmers think that EVERYTHING that can be programmed has a multi-core architecture with a hard drive, monitor, etc. You haven't seen most of the computers that you use on a daily basis. Do you think your elevator runs a Duo-core? Your apartment buzzer controller isn't made by AMD.

I'm an EE with a lot of embedded experience in RF devices. I've had to make recalls because the standby current* was 50uA instead of 12uA. (For a GPS tracking board with VHF transmitter.)

The level of misunderstanding that's required to think that you can surreptitiously reprogram somebody's pacemaker without their knowledge is astounding. If you've got a pacemaker and someone tries to walk up to you and reprogram your chest, just walk away, man. Walk away. It's not like it's going to take 2 seconds to line everything up correctly. Even if all the technical details are magically sorted, a different brand could make your hack useless. So could temperature, humidity, clothing, chest hair, and any of the other RF voodoo things that you have to deal with.

*(Technically "quiescent" but I'm not sure everyone knows what that means.)