Pacemaker patients at risk of death by hacking

Pacemakers, tiny medical instruments that have saved the lives of myriad individuals who suffer heart conditions, now can pose a potential threat to any wearer due to new hacks being dubbed as “digital assassination.”

These small devices, placed inside the abdomen or chest cavity of the patient, use electrical signals to regulate heart rate by mimicking a healthy heart’s natural electrical pulse that causes it to contract and pump blood.

But the modern advances of the device pose a huge possible threat to any patient targeted by a hack, due to the shift to a wireless control mechanism that can be remotely activated. Renowned IOActive security researcher Barnaby Jack recently demonstrated at BreakPoint security conference in Melbourne how he could wirelessly attack a pacemaker by using his laptop to send 830-volt electric shocks, according to Australia-based SC Magazine. If Jack could demonstrate this, then hackers can easily perform just the same action.

Even more widespread than an individual attack, hackers could access an entire manufacturer’s clientele and activate all pacemakers at once, causing the mass murder of numerous innocent individuals.

Hacks into the pacemaker’s electrical pulses are not the only threat. The issue also arose that hackers could obtain patients’ medical records. The FDA may be able to regulate the instruments’ effectiveness, but the IT security and code-auditing is something that goes under-regulated, Jack warned at the conference. Reportedly, FDA deputy director Brian Fitzgerald responded that the FDA is reviewing a “regulatory stance on software.”

The demonstration was intended to bring the concerns of dangers and flaws in the system to the pacemaker manufactures—and hopefully this vital information does just that, without giving heart attacks to pacemaker wearers.

Pacemakers are not the only medical devices that could be targeted by hackers; BitDefender antivirus software suite has also named defibrillators and insulin pumps at risk.

The merging of humans and machine is miraculous, but the cybersecurity could not be of higher importance, as killing people is far different than breaking codes or cracking passwords.

In any arena, information security should be at the forefront of the agenda. Protect your systems by finding the right people with Tiro Security, a leading IT security staffing and solutions firm in Los Angeles.

Posted in