Medical Implants Can be Hacked

Uploaded on 2016-12-19 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Health & Welfare

It is now possible to transmit life-threatening signals to implanted medical devices with no prior knowledge of how the devices work, researchers in Belgium and the UK have demonstrated.

By intercepting and reverse-engineering the signals exchanged between a heart pacemaker-defibrillator and its programmer, the researchers found they could steal patient information, flatten the device's battery, or send malicious messages to the pacemaker.

The attacks they developed can be performed from up to five meters (16 feet) away using standard equipment, but more sophisticated antennas could increase this distance by tens or hundreds of times, they said.

"The consequences of these attacks can be fatal for patients as these messages can contain commands to deliver a shock or to disable a therapy," the researchers wrote in a new paper examining the security of implantable cardioverter defibrillators (ICDs).

These devices monitor heart rhythm and can deliver either low-power electrical signals to the heart, like a pacemaker, or stronger ones, like a defibrillator, to shock the heart back to a normal rhythm.

At least 10 different types of pacemaker are vulnerable, according to the team, who work at the University of Leuven and University Hospital Gasthuisberg Leuven in Belgium, and the University of Birmingham in England. Their findings add to the evidence of severe security failings in programmable and connected medical devices such as ICDs.

They were able to reverse-engineer the protocol used by one of the pacemakers without access to any documentation, and this despite discovering that the manufacturer had made rudimentary attempts to obfuscate the data transmitted. Previous studies of such devices had found all communications were made in the clear.

"Reverse-engineering was possible by only using a black-box approach. Our results demonstrated that security by obscurity is a dangerous design approach that often conceals negligent designs," they wrote, urging the medical devices industry to ditch weak proprietary systems for protecting communications in favor of more open and well-scrutinized security systems.

Among the attacks they demonstrated in their lab were breaches of privacy, in which they extracted medical records bearing the patient's name from the device. In developing this attack, they discovered that data transmissions were obfuscated using a simple linear feedback shift register to XOR the data. At least 10 models of ICD use the same technique, they found.

They also showed how repeatedly sending a message to the ICD can prevent it from entering sleep mode. By maintaining the device in standby mode, they could prematurely drain its battery and lengthen the time during which it would accept messages that could lead to a more dangerous attack.

One saving grace for the ICDs tested is that, before they will accept any radio commands, they need to be activated by a magnetic programming head held within a few centimeters of the patient's skin.

For up to two hours after a communications session is opened in that way, though, the ICDs remained receptive to instructions not just from legitimate programming or diagnostic devices but also from the researchers' software-defined radio, making it possible to initiate an attack on a patient after he or she left a doctor's office.

Until devices can be made with more secure communications, the only short-term defense against such hijacking attacks is to carry a signal jammer, the researchers said. A longer-term approach would be to modify systems so that programmers can send a signal to ICDs, putting them immediately into sleep mode at the end of a programming session, they said.

Previous reports of hackable medical devices have been dismissed by their manufacturers.
The researchers in Leuven and Birmingham said they had notified the manufacturer of the device they tested, and discussed their findings before publication.

Computerworld:             Medical Devices Are The Weak Link:

 

 

« British Police - Stay Safe From Cyber Crime This Christmas
An Entire Anti-Drone Industry Is Emerging »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

mile2

mile2

Mile2 develop and deliver proprietary vendor neutral professional certifications for the cyber security industry.

ODSC

ODSC

ODSC is a security systems integrator that provides services and expertise in identity management and access.

AimBrain

AimBrain

AimBrain tools detect and prevent fraud, faster and more accurately than ever before.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Salt Security

Salt Security

Salt Security protects the APIs that are the core of every SaaS, web, mobile, microservices and IoT application.

Altipeak Security

Altipeak Security

Altipeak Security provide Safewalk - a flexible and robust authentication platform through which we offer improved security to SMBs, corporates, banks, insurance companies, healthcare and more.

Secberus

Secberus

SECBERUS creates cloud security technology to help organizations stay secure & compliant in the public cloud.

eCentre@LindenPointe

eCentre@LindenPointe

The eCenter@LindenPointe provides assistance to the development, management and promotion of STEM (Science, Technology, Engineering, Mathematics) related business ventures.

Chartered Institute of Information Security (CIISec)

Chartered Institute of Information Security (CIISec)

CIISec is dedicated to helping individuals and organisations develop capability and competency in cyber security.

Papua New Guinea National Cyber Security Centre (PNG NCSC)

Papua New Guinea National Cyber Security Centre (PNG NCSC)

PNG NCSC is a jointly funded initiative enabling PNG to benefit with the most advanced cyber protection of its critical information and communications technology infrastructure.

WireGuard

WireGuard

WireGuard is a communication protocol and free and open-source software that implements encrypted virtual private networks (VPNs).

Baidam Solutions

Baidam Solutions

Baidam Solutions is a 100% Australian owned and operated First Nations information technology business.

TELUS

TELUS

TELUS provide Canadian businesses with the services and solutions they need to securely thrive in a digital world. Partner with a cybersecurity leader you can rely on.

Mother Technologies

Mother Technologies

From Datacentre to Desktop, Mother Technologies has been delivering IT Support, Telecoms, Cybersecurity and Connectivity services to businesses across Scotland and beyond since 2002.

SOC-E

SOC-E

SOC-E is a leading technology provider for high-availability and deterministic networking, sub-microsecond synchronization and cybersecurity solutions for critical sectors.

Layer 8 Security

Layer 8 Security

Layer 8 Security is a cybersecurity advisory, consulting, and technical services firm that arms businesses with practical compliance, risk management, and security program strategies.