Researcher Turns Pacemakers Into Mass Murder Machines
A computer security services researcher has some bad news for people with pacemakers.
Barnaby Jack of IOActive [http://www.ioactive.com/] made a rather stunning announcement today at the Breakpoint security conference in Melbourne, Australia. He's figured out how to reverse-engineer pacemaker transmitters to deliver hacked firmware to any compatible devices within a 30 foot range, which can force them to deliver electric shocks of up to 830 volts. He's only done it with one brand of pacemaker, which he declined to name for obvious reasons, but said that it opened the door to "anonymous assassination" and, in a worst-case scenario, even mass murder.
It seems that the pacemakers in question have a "secret function" that, when activated, causes them to return model and serial number information to a remote terminal, which Jack said provides "enough information to authenticate with any device in range." The function is presumably intended for diagnostic purposes, but he discovered that they have no encryption and even found user names and passwords for what is apparently the manufacturer's development server.
"The worst case scenario that I can think of, which is 100 percent possible with these devices, would be to load a compromised firmware update onto a programmer," he said. "The compromised programmer would then infect the next pacemaker or ICD and then each would subsequently infect all others in range."
That "compromised firmware" would let the controller do all sorts of unintended and unpleasant things with and to the pacemakers, including delivering some serious electric shocks. "With a max voltage of 830 volts, it's not hard to see why this is a fairly deadly feature," he continued. "Not only could you induce cardiac arrest, but you could continually recharge the device and deliver shocks on loop."
It sounds like one of those things that's all theoretical and speculative, but the fact that Jack was able to show his super-villain stunt in action is more than a little disconcerting. I suppose we should be thankful to all involved that his demonstration video hasn't been released to the public, but hopefully he has at least brought it to the attention of the manufacturer - and that other pacemaker manufacturers are paying attention too.
Source: SC Magazine [http://www.scmagazine.com.au/News/319508,hacked-terminals-capable-of-causing-pacemaker-mass-murder.aspx]
Permalink
A computer security services researcher has some bad news for people with pacemakers.
Barnaby Jack of IOActive [http://www.ioactive.com/] made a rather stunning announcement today at the Breakpoint security conference in Melbourne, Australia. He's figured out how to reverse-engineer pacemaker transmitters to deliver hacked firmware to any compatible devices within a 30 foot range, which can force them to deliver electric shocks of up to 830 volts. He's only done it with one brand of pacemaker, which he declined to name for obvious reasons, but said that it opened the door to "anonymous assassination" and, in a worst-case scenario, even mass murder.
It seems that the pacemakers in question have a "secret function" that, when activated, causes them to return model and serial number information to a remote terminal, which Jack said provides "enough information to authenticate with any device in range." The function is presumably intended for diagnostic purposes, but he discovered that they have no encryption and even found user names and passwords for what is apparently the manufacturer's development server.
"The worst case scenario that I can think of, which is 100 percent possible with these devices, would be to load a compromised firmware update onto a programmer," he said. "The compromised programmer would then infect the next pacemaker or ICD and then each would subsequently infect all others in range."
That "compromised firmware" would let the controller do all sorts of unintended and unpleasant things with and to the pacemakers, including delivering some serious electric shocks. "With a max voltage of 830 volts, it's not hard to see why this is a fairly deadly feature," he continued. "Not only could you induce cardiac arrest, but you could continually recharge the device and deliver shocks on loop."
It sounds like one of those things that's all theoretical and speculative, but the fact that Jack was able to show his super-villain stunt in action is more than a little disconcerting. I suppose we should be thankful to all involved that his demonstration video hasn't been released to the public, but hopefully he has at least brought it to the attention of the manufacturer - and that other pacemaker manufacturers are paying attention too.
Source: SC Magazine [http://www.scmagazine.com.au/News/319508,hacked-terminals-capable-of-causing-pacemaker-mass-murder.aspx]
Permalink
