Many medical implants, such as insulin pumps and pacemakers, are equipped with wireless radios that let doctors download data about the patient's condition and adjust the behavior of the implant. But these devices are vulnerable to hackers who can eavesdrop on stored data or even reprogram the implant, causing, for example, a pacemaker to shock a heart unnecessarily. While it may be possible to engineer new, more secure implants, millions of people are walking around with vulnerable devices that can't be replaced without surgery. An anti-hacking device presented this week at the annual SIGCOMM communications conference in Toronto may offer them a solution.
Created by researchers from MIT and the University of Massachusetts, Amherst, the laptop-sized device, called "the shield," emits a jamming signal whenever it detects an unauthorized wireless link being established between an implant and a remote terminal (which can be out of sight and tens of meters away). Although no attack of this kind is known to have occurred , "it's important to solve these kinds of problems before the risk becomes a tenable threat," says Kevin Fu, an associate professor of computer science at UMass and one of the developers of the shield. Fu was Technology Review's Young Innovator of the Year in 2009 for his work in uncovering the previously unsuspected danger that hackers pose to implant wearers.
The key innovation is the new radio design that the shield uses for jamming. "If you just do simple jamming [broadcasting radio noise on a given frequency], then the attacker doesn't get the information, but the doctor doesn't either," says Dina Katabi, another developer of the shield and an associate professor of electrical engineering and computer science at MIT. Instead, the shield allows a jamming signal to be broadcast while it simultaneously receives data signals from the implant and relays them over a secure link. So doctors can still download data and confirm adjustments even while the shield is jamming an attacker.
Blackhat 2011: Diabetic Black Hat Researcher Hacks Insulin Pump
Security researcher Jay Radcliffe set out to find out if proprietary wireless communications could be reverse engineered to manipulate a diabetic's insulin pump and potentially kill the patient. Radcliffe had a very compelling reason to do this research: he is a diabetic.
During his Aug. 4 "Hacking Medical Devices for Fun and Insulin: Breaking the Human SCADA System" session, Radcliffe discussed how an attacker could intercept wireless signals emitted by medical devices and broadcast a stronger signal to interfere with regular operation. The malicious commands can change the blood-sugar level readout on an insulin pump to misinform the patient of the blood sugar levels or just disable the device. If done repeatedly, the attacker could kill a person because of improper insulin dosages, Radclifee suggested.