Many implants like this pacemaker can receive and transmit wireless signals
What's the News: Topping the list of things you don't want hacked is your heart. And with 300,000 medical devices such as pacemakers and drug pumps implanted each year, many of which can be controlled through wireless signals, that might soon be a real risk for patients to consider. To prevent such attacks, researchers from MIT and UMass Amherst are developing a jamming device that can be worn as a necklace or watch and keeps implants from receiving orders from unauthorized senders. The team will present their experiments with defibrillators
[pdf], with off-the-shelf radio transmitters playing the role of the shield, at the SIGCOMM
conference in Toronto. How the Heck:
Many medical implants send data about how a patient is doing directly to the doctor via radio transmission. And doctors can tweak implants' performance by sending instructions like "Release more of that drug" or "Beat faster."
The team's device, called a shield, would intercept such instructions and, if they were encrypted using the key available only to the patient's doctor, send them along to the implant, while unauthorized messages---which might go something like "Provide a lethal shock to the heart"--- wouldn't be passed on. The implant's own messages would in turn be encrypted and sent onto the doctor.
The team found that without the shield, their defibrillators obeyed commands from transmitters more than 40 feet away. With the shield, eavesdroppers or adversaries as close as 20 cm couldn't control the devices or listen in on their messages.
One of the shield's big perks is that it would work with existing implants. And because it only works when it's near the implant, emergency personnel trying to reset a pacemaker, for example, could just remove the shield in order to send new orders. If the encryption were taking place in the implant itself, emergency overrides would be much more difficult.
What's the Context:
Three years ago, a team of scientists including Kevin Fu, an author of the current paper, demonstrated [pdf] that they could interere with defibrillators and eavesdrop on their signals, learning patient names, diagnosis, and information about vital sounds, using readily available tech. While vulnerabilities in implant security had been discussed for some time, the discovery galvanized researchers to come up with creative solutions.
Researchers have looked into making new implants that perform the encryption themselves, but that approach comes with several serious drawbacks, like the difficulty of an emergency override and the need for manufacturers to alter their designs, which are highly optimized in terms of size and shape and may not have room on them for encryption gear.
The Future Holds: Such attacks haven't happened yet, to our knowledge. But given the risks---disclosure of patient's names and medical data, and potentially fatal interference---it behooves medical device companies to start looking into solutions like the shield. Image credit: Wikimedia Commons