Over 20 Total Lots Up For Auction at One Location - TX Cleansweep 06/25

MIT scientists work to thwart pacemaker hacks

by Brendon Nafziger, DOTmed News Associate Editor | June 13, 2011
This spring has been quite a season for hacking. Sony, the International Monetary Fund, CitiGroup and Lockheed Martin all seem to have fallen victim to malicious security breaches.

The cyber break-ins have caused financial havoc, personal inconvenience -- Sony's breach famously shut down its online gaming service and potentially compromised the personal information of millions of users -- and, in the case of IMF, might have affected countries' national economic security.

Now, some computer scientists and engineers say they're developing a way to protect a potential future target of cyber attacks: implantable medical devices.

At an upcoming computing conference, MIT and University of Massachusetts-Amherst researchers are presenting a plan to protect wireless devices, such as pacemakers, defibrillators and drug pumps, from attacks.

While no known cases of device hacks in people have occurred, three years ago U.S. computer scientists showed, in a lab, how deadly such an attack could be. Evil-minded programmers could, they suggested, shut a pacemaker off or use it to deliver lethal doses of electricity.

And currently, many of these devices are poorly protected.

"There are many of these devices that are really small, so for power reasons, for form-factor reasons, it might not make sense to put the [encryption] on them," Dina Katabi, co-author of the study and an associate professor of electrical engineering and computer science with MIT, said in a statement.

Plus, in an emergency, doctors might need to retrieve data or send new instructions to the device, and bypassing the encryption could present life-threatening delays.

Full-duplex jamming

The solution the scientists are working to develop is a "jamming transmitter," a device small enough to be fitted onto a necklace or shield that would block unauthorized transmissions in the field surrounding the implant.

Importantly, the device could be worn externally to prevent attacks -- most implants lack the required memory to add cryptographic mechanisms, the researchers said. And because implants last upwards of a decade and generally require surgery to replace, the scientists wanted to make sure that the shield could be used with existing implants.

In a write up of the project on their website, the team explains there are two threats it's meant to protect against: eavesdropping of private transmissions from the device, and attempts to hack into it to control it. The shield listens for the device's transmissions, and jams them so they can't be decoded, the researchers said. It also searches for and jams unauthorized transmissions meant to hijack the device.

You Must Be Logged In To Post A Comment