Defibrillators Can Be Hacked
Computer experts working for the Universities of Washington and Massachussetts succeeded to hack an implantable cardioverter defibrillator (ICD). They used the Medtronic Maximo DR VVEDDDR model #7278 ICD.
"After partially reverse-engineering the ICD’s communications protocol with an oscilloscope and a software radio, we implemented several software radio-based attacks that could compromise patient safety and patient privacy", the researchers wrote in a study.
In other words: A hacker could download the data an ICD is permanentely collecting about a patient's heartbeat or - even worse - trigger shocks.
Modern ICDs are vulnerable to hacker attacks because the devices are designed to communicate wirelessly with a nearby external programmer.
However, the researchers emphasize: "To our knowledge, no IMD (implantable medical device) patient has ever been harmed by a malicious security attack. While our research demonstrates
that such a scenario is possible, our goals in conducting this research are to: (1) demonstrate that IMD security and privacy vulnerabilities exist; (2) propose solutions to the identified weaknesses; (3) encourage the development of more robust security and privacy features for IMDs; and (4) improve the privacy and safety of IMDs for the millions of patients who enjoy their benefits."
"After partially reverse-engineering the ICD’s communications protocol with an oscilloscope and a software radio, we implemented several software radio-based attacks that could compromise patient safety and patient privacy", the researchers wrote in a study.
In other words: A hacker could download the data an ICD is permanentely collecting about a patient's heartbeat or - even worse - trigger shocks.
Modern ICDs are vulnerable to hacker attacks because the devices are designed to communicate wirelessly with a nearby external programmer.
However, the researchers emphasize: "To our knowledge, no IMD (implantable medical device) patient has ever been harmed by a malicious security attack. While our research demonstrates
that such a scenario is possible, our goals in conducting this research are to: (1) demonstrate that IMD security and privacy vulnerabilities exist; (2) propose solutions to the identified weaknesses; (3) encourage the development of more robust security and privacy features for IMDs; and (4) improve the privacy and safety of IMDs for the millions of patients who enjoy their benefits."
Labels: Defibrillator
posted by Jon N. Mettler-Bennett at 5:09 PM
Links to this post:
Create a Link
<< Home