Warning over medical implant attacks

  • Published
Insulin injection
Image caption,
Diabetics inject insulin to regulate blood sugar but too much can induce a coma

Many medical implants are vulnerable to attacks that could threaten their users' lives, according to studies.

Security researchers have developed attacks that locate and compromise implants used to manage conditions such as diabetes and heart disease.

One attack identified a radio signal that, if re-broadcast, would have switched off a heart defibrillator.

Researchers say more work needs to be done to secure implants and protect against malicious actions.

Radio grab

For increasing numbers of people an active life is only possible thanks to a medical implant that monitors their vital signs and which intervenes when needed.

Pacemakers that regulate heart beats, pumps that deliver insulin and defibrillators that watch for abnormal cardiac rhythms are being fitted to many more people to help them manage these chronic conditions.

Barnaby Jack, a researcher at security firm McAfee, has discovered that the wireless links used to interrogate and update these devices left them open to attack.

In two weeks of work he found a way to scan for and compromise insulin pumps that communicate wirelessly.

"We can influence any pump within a 300ft [91m] range," Mr Jack told the BBC. "We can make that pump dispense its entire 300 unit reservoir of insulin and we can do that without requiring its ID number."

Mr Jack said diabetics typically needed a dose of 5-10 units of insulin after a heavy meal to help regulate blood sugar. Making the device empty its cartridge into a host's bloodstream would cause "deep trouble".

In similar work Prof Kevin Fu, a computer scientist at the University of Massachusetts Amherst, has found that is possible to capture a signal that controls the working of a heart defibrillator.

During his research Prof Fu discovered that implanted defibrillators are tested using a specific radio signal when first placed inside a patient. The signal turns the device on and off.

Lab work revealed that it was possible to capture this signal as it was broadcast. Re-broadcasting it turned off a device close by.

Prof Fu said the limited battery life of medical devices meant they could not use any authentication or encryption to protect signals passing to and from the device - leaving them open to attack in the future.

Image caption,
Many hearts are kept beating thanks to a medical implant

"Patients are much better off with these devices than without," said Prof Fu, but added that the work he and others were doing was signalling forthcoming problems that needed to be addressed now.

"Future devices will be much more connected, much more connected to the internet and will have much more use of wireless technology," he said.

Manufacturers needed to think about security as they designed products and harden them against future problems, he said.

"There is no silver bullet, it's not that these problems are easy to address," he said. "But there is technology available to reduce these risks significantly."

The UK's Medicines and Healthcare products Regulatory Agency said it had never received any reports of medical implants being hacked.

"We closely monitor the safety and performance of all medical devices and take action to ensure the safety of patients," said an MHRA spokesman.

Related Internet Links

The BBC is not responsible for the content of external sites.