back to article Pacemakers, defibrillators open to attack

Pacemakers and implanted defibrillators are vulnerable to wireless attacks that could kill tens of thousands, says the security researcher best known for "jackpotting" an ATM on stage at the BlackHat security conference in Las Vegas in 2010. The researcher in question, Barnaby Jack, today told the Ruxcon Breakpoint security …


This topic is closed for new posts.
  1. KrisMac

    Woah!... thats a bit of a shocker...

    The downside of course is that no-one will have the heart to tell the patients...

  2. Paratrooping Parrot

    Different World

    In the past, wireless technology was not in the reach of individuals, so companies did not even consider securing their pacemakers and such. It is sad in these days of technology, there are those who are desperate to commit heinous crimes can do so with such ease. Before, to steal millions of pounds, you had to plan a bank robbery that involved arranging getaway drivers and such. Nowadays it can be a one man job and clicks of mouse and keyboard.

    In these times, it is imperative that everyone from the ground up actually learn to improve their systems to be secure. You also have to be able to maintain your system because the cracker will always want to crack the system, so be ready to update the system with better security.

    I guess as a short term measure, they will have to get those wearing pacemakers and such to wear some kind of Faraday's cage around their chest area. I hope no one patents this because there is prior art here.

  3. Concrete Gannet

    See Karen Sandler's talk

    Karen Sandler is currently Executive Director of the Gnome Foundation and previously worked for the Software Freedom Law Center, so she has a considerable background in open source software.

    She also has a heart condition and her cardiologist advised her to get an implanted defibrillator. Which contains software. She asked to see the source code to independently verify the quality of the code that purports to possibly save her life. As the original article says, this code just might kill her.

    Here's her story of what happened next.

    1. frank ly

      Re: See Karen Sandler's talk

      Fascinating and frightening. Thanks for the link.

      1. Anonymous Coward
        Anonymous Coward

        Re: See Karen Sandler's talk


  4. RobS

    Secure, Reliable, Cheap pick two

    Then again, if I needed one of these and I could have the (really complex) secure one or the (really simple) reliable one and my life depends on it - not sure that the worry that someone would hack me would come into the decision process.

    Remember that the probability of death by hacking is substantially lower than the probability of death by heart failure if you actually have one of these.

    1. Anonymous Coward
      Anonymous Coward

      Re: Secure, Reliable, Cheap pick two

      I'll take Secure and Reliable then please.

      "Remember that the probability of death by hacking is substantially lower than the probability of death by heart failure if you actually have one of these."

      Tell that to Dick Cheney...

      1. Nigel 11

        Re: Secure, Reliable, Cheap pick two

        Can't we have a third option: nonreprogrammable and reliable, like the ones they made in the 1970s and 1980s? Nothing to be hacked, short of opening your chest cavity. Completely secure, but by being dumb not by being "secure", like the unbreakable firewall known as an air gap.

        Sometimes less is more.

        1. Anonymous Coward
          Anonymous Coward

          Re: Secure, Reliable, Cheap pick two

          @Nigel 11 - Have you thought that the reason that they may be wireless reconfigured is not just "because they can" but because it makes them far more flexible devices than the primitive ones available in the 70s/80s?

  5. btone

    total eclipse of the...WTF!!!

    Gees as if the DRM isn't tough enough on games, now THIS!!!

  6. Anonymous Coward
    Anonymous Coward

    How wireless are we talking?

    I've seen wireless pacemakers, yes, but many of them can't communicate unless the transceiver is near point-blank against the device, on the skin.

    1. frank ly

      Re: How wireless are we talking?

      According to Karen Sandler's talk (see above), a medical technician can read your heart rate as soon as you walk into the room. That's how wireless.

      1. Anonymous Coward
        Anonymous Coward

        Re: How wireless are we talking?

        @Frank ly: I haven't read the talk, but I'm curious as to the whole technician can read your heart rate as soon as you walk into the room thing, because I've heard so many people who should know better insisting that NFC can work over the distance of a car park. The energy involved in transmitting a signal that far would be really quite large for a device which you don't want to be big or, ideally, store any more energy than it should.

        I have read about these devices a few times though and never heard anything that suggests anything except putting a big coil onto your skin will work.

    2. En_croute

      Re: How wireless are we talking?

      My Pacemaker (Medtronic 4194) was implanted in 2009, and, for the curious, sits just below my shoulder blade. During my annual checkup, the reader, a small PC mouse-shaped device is perched over the scar. It's positioning is quite delicate, and 1/2" out of place will see the comms drop off.

      So, tor the moment, this is restricted to an attack via the hospital equipment, or a prolonged personal attack (Asleep, passed out in a bar etc)

      Whilst the devices will improve their range, this will require a bigger battery. As there is no wireless charging option available yet, this requires a re-fit every 7-10 years.

      Hold on, this sounds familiar...... Fixed battery, dedicated software analysis by a "technician", expensive to install, difficult to service, proprietary software, limited connectivity - damn it - I have seem to have an iPacemaker.

  7. Whitter

    Wireless medical life support

    There are indeed changes in the industry starting to take "violent hacking" into account. That's an issue that people should push the lawmakers to accelerate - and their doctors to take into account when ordering devices: make a tender redline and it will indeed happen.

    But as to her greater point: do you have the right to propriety IP in a device implanted in you? You certainly have the right not to have the device at all, and they have the right not to sell it to you (so long as that isn't in a discriminatory manner), notr withdraw your rights to use it once it's in there. But do you have the right to their IP work? Its complex stuff and doesn't get done for free. "It's going to go in me, so yes" is certainly a fair and understandable POV. But it isn't the only one.

    Alas, this probably comes doen to private/public sector issues: if the private sector did the work, its theirs. If the public sector did the work, it's the publics (yours). So if you want it, get your universities to do the leg work building it and you can have it.

    Private industry and medicine have a lot of issues and this is only one - a small one given what big phara gets up to.

    1. Anonymous Coward
      Anonymous Coward

      Re: Wireless medical life support

      I think the Oracle/Google trial demonstrates that you're naive. Unless you think that the machine can't be reverse engineered from a corpse.

      Or did I miss something?

  8. CanaDave

    Not that bad but does require a re-think

    I have an implantable pacemaker inside me and had similar discussions with my surgeon when I asked how the 'blended sensor' technology worked. I was told that although he installs several devices a day....he has no idea how they work. That of course raises the question 'if they don't know how they work how are you sure that the device they implant will do the job your require? Now ten months after surgery with no issues they are still trying to adjust it to give me back my healthy lifestyle where I want my heart rate to be able to up to 170 bps. They have finally admitted that they aren't sure how to adjust it. The teams are used to old and unhealthy clients that are pretty much just ticking over. I on the other hand am active and work my pacemaker up to the physical limitations that they pace team have set.

    As for hacking I'm not too worried at this point in time. I'm happy that studies like this have appeared. But someone who might want to kill me will have to be so close to do it that they could shiv me in the shower! Future devices will have more security and like Karen Sandler says in her keynote address the proprietary nature of the devices and the firmware running on them is the issue. I work with hardware engineers and I see the types of bugs that arise. in my case if the pacemaker does stop working I won't die anyway so it's not too much of an issue either. But to someone that really relies on these devices I would be concerned.

    1. Robert Carnegie Silver badge

      Suppose I told you I could do it through the device that you're reading this on?

      Fortunately, I can't, and I most likely wouldn't if I could, unless you're secretly Jimmy Savile.

      Also fortunately you're getting longsighted and you have to hold your laptop at arms' length to read the screen...

      1. Anonymous Coward
        Anonymous Coward

        Re: Suppose I told you I could do it through the device that you're reading this on?

        You want to affect the heart rate of dead DJs? ;)

    2. Anonymous Coward
      Anonymous Coward

      Re: Not that bad but does require a re-think

      There is quite a big difference between not knowing how something works and not knowing what something does. Most people have no idea how a modern operating system works, but invariably they can use it.

  9. Anonymous Coward
    Anonymous Coward

    I can see it now

    819 internet scams. "Pay us $50,000 or we make your pacemaker electrocute you"

    On the flip side, maybe people will be more careful about their choice of pacemaker /etc provider, and choose one with better security after some of the cheapskates drop dead after a drive by pacenuking.


  10. Anonymous Coward


    Why is an implanted device capable of generating that level of voltage? The hardware should be incapable of this, otherwise a simple malfunction could kill you.

    1. Dig

      Re: Errr...

      Only the Difibrilator type put supply this voltage. In this case if the patients heart stops a shock has to be given like the paddles used externally except they are even higher. The voltage has to be high enough to cause a sufficient contraction of the heart muscle to stimulate the heart into pumping again.

      When CPR is given the compressions often break ribs in the patient as the pressure has to be significant enough from the outside to pump the heart.

    2. Euripides Pants

      Re: Errr...

      "Why is an implanted device capable of generating that level of voltage?"

      Because it's a DEFIBRILLATOR!

This topic is closed for new posts.

Other stories you might like