Pacemaker vulnerable to remote hacking
August 13, 2008 7:00 AM
Serious as a heart attack: A collaboration of various medical researchers in the academic field has led to proof that pacemakers can be remotely hacked with simple and accessible equipment. This is a proof of concept, but the real question is: How many other pacemakers and medical devices are similarly vulnerable? (Writers may note a new twist available for the assassination of characters in their novels and screenplays.)
Writers may note a new twist available for the assassination of characters in their novels and screenplays.
I haven't noticed writers waiting for scientific confirmation of any of the other ideas they've used...
They found that the communication protocol used to remotely program the device was unencrypted...
So awesome. I distinctly remember learning, years ago, that these things were externally programmable and thinking "ruh roh".
posted by DU at 7:15 AM on August 13, 2008
As I read the post, I thought to myself, "I wonder how long it will be before someone mentions Cheney in the post thread?" And now I know.
posted by jscalzi at 7:15 AM on August 13, 2008
They used GNURadio to decode the protocol stacks apparently. Which just proves that SDR is the bee's bollocks.
posted by Skorgu at 7:42 AM on August 13, 2008
> I'm going to go get a pacemaker installed so I can overclock myself.
How's this scifi-lite scenario: Pacemakers become standard components in endurance athletic events, the coaches monitoring performances from the sidelines and tweaking heart rates as needed. The spread of final times in marathons is rarely more than five seconds, the result of a decade of pacemaker engineering and athletic training. A dark market of pacemaker modders exists to tweak and optimize the hardware (not quite legal, but not quite illegal yet), and alongside it is a black market of pacemaker saboteurs selling their skills in jamming or hijacking the wireless connections.
posted by ardgedee at 7:46 AM on August 13, 2008 [2 favorites]
CAUTION: MICROWAVE IN USE
posted by BitterOldPunk at 7:48 AM on August 13, 2008
Meh. I'm waiting for brain microchips and then I'll have my very own president.
posted by Brandon Blatcher at 7:54 AM on August 13, 2008 [1 favorite]
My pacemaker is from Apple
And you wear it on your sleeve so everybody can see it.
posted by srboisvert at 8:24 AM on August 13, 2008
My pacemaker is from Apple
That's just bananas.
posted by Brandon Blatcher at 8:25 AM on August 13, 2008
Cheney is safe from hackers. He had a wasp's nest implanted where his heart used to be. His black, withered heart is inside a thick-walled lead box stored in a dank tomb in the deepest, foulest recesses of Cheyenne Mountain. It's right next to GWB's soul.
posted by Daddy-O at 8:35 AM on August 13, 2008 [3 favorites]
If you hack a pacemaker and cause a person's death surely that's a murder charge? Any lawyers care to comment?
posted by gallagho at 9:09 AM on August 13, 2008
ardgedee, stop giving Cory Doctorow ideas.
posted by djfiander at 9:18 AM on August 13, 2008 [1 favorite]
Pacemaker hacking devices don't kill people.
Pacemaker hacking device control kills people.
posted by spock at 9:25 AM on August 13, 2008 [1 favorite]
> If you hack a pacemaker and cause a person's death surely that's a murder charge?
So don't kill them. Just keep 'em lethargic. Or, in the athletes scenario above, keep the heart rate at a steady 140bpm or so, enough to perform but not enough to win.
posted by ardgedee at 9:27 AM on August 13, 2008
...or, to be extra devious, to make them overperform in the qualifiers so that they're too overworked to score well in the main event.
posted by ardgedee at 9:30 AM on August 13, 2008
If you hack a pacemaker and cause a person's death surely that's a murder charge? Any lawyers care to comment?
I think we'd need a prosecutor, not simply a lawyer. Certainly, from an ethical standpoint, one would be responsible for another's death. But whether one had enough evidence to charge, and the exact crime one would be charged with is much murkier. There is a whole gamut from "unintentional manslaughter" to "premeditated murder" that depend upon the circumstances, motive/intent, state of mind at the time, etc. Then there is the evidence phase. Mere possession of pacemaker hacking equipment does not equal being the person responsible for the crime. One would have to prove the circumstances and opportunity and weigh that against the defendant's alibi before tying a particular hacking device to the person "pulling the trigger". Then there is the question of how one determines the pacemaker's defect was caused by the hacking device at all, as opposed to being an intrinsic failure.
I can see it being in the interests of doctors (and their malpractice insurers), medical facilities administrators and pacemaker manufacturers to not even open this can of worms (to the detriment of any current and future victims).
I'm also sure that the various intelligence agencies have people who have researched all of this, for years. It would be a handy way to get rid of an aging dictator who had become a problem. Who knows, it has probably already even been done. It doesn't have to be just pacemakers either. Imagine the ability to remotely control the amount of morphine a patient is receiving (post-operatively, for example). It would be easy to write the death off as post-surgical complications.
posted by spock at 9:41 AM on August 13, 2008
Writers may note a new twist available for the assassination of characters in their novels and screenplays.
Barry Eisler beat you to it already. Read the first chapter of Rain Fall
posted by tylerfulltilt at 9:42 AM on August 13, 2008 [1 favorite]
The athletic event scenario is silly because pacemakers are painfully easy to detect and any athlete with one could simply be disqualified.
posted by spock at 9:52 AM on August 13, 2008
I still can't get over the fact that this is at all possible. Who would design a pacemaker that can be manipulated from a distance? Don't they hire people to think of the possible negative consequences?
posted by explosion at 9:58 AM on August 13, 2008
Fu and Halperin said they used a cheap $1,000 system to mimic the control mechanism. It included a software radio, GNU radio software, and other electronics.
This is "simply and accessible" materials? I doubt Joe Sixpack will not be killing anyone soon. There's a security fault here and it's fairly serious, but I hate how all security issues get trumped up with the utmost hysteria by the time it reaches the press.
The real sad part here is that a little cryptography would have gone a long way, but I'm pretty interested in who holds the keys. Will the ER be able to reset this device if the key is in a hospital database somewhere? Would any of this be compliant with HIPAA? Should we just tattoo the keys onto the guy's chest?
I'm also curious what the effective range of any of these attacks is. It's also worth noting that the researchers found a bug in the test mode of this particular model, so it doesn't look like there's just one radio command you can broadcast to a large crowd and expect everyone to keel over. It may be that other models have better security.
posted by damn dirty ape at 10:05 AM on August 13, 2008
spock, why would a morphine machine need a wireless remote control? The pacemaker has this because an access port would be prohibitive and lead to a potentially lethal infection. Your heart is behind quite a bit of flesh and bone. This is a perfect application for wireless.
posted by damn dirty ape at 10:07 AM on August 13, 2008
I'm going to go get a pacemaker installed so I can overclock myself.
That is what caffeine is for.
posted by spock at 10:13 AM on August 13, 2008 [2 favorites]
Gah! It's set on hummingbird! I've gotta drink my weight in nectar!
posted by ROU_Xenophobe at 10:13 AM on August 13, 2008 [2 favorites]
> The athletic event scenario is silly because pacemakers are painfully easy to detect
Well, sure, but my scifi-lite novella will not need much exposition to set up the possibility that in the years since Lasik surgery, human enhancements have become progressively common and publicly accepted. Reality need not apply.
posted by ardgedee at 10:18 AM on August 13, 2008
The whole wireless interference thing is something I know nothing about. Exactly why DO they make you turn off cell phones and wireless devices when the plane is going to take off or land? Why DO they warn pacemaker wearers about microwaves in the area? Why DO they prohibit cell phone use in ICUs? They must be concerned with (or aware of) some sort of negative consequences to the equipment. Sounds like a good AskMe.
posted by spock at 10:26 AM on August 13, 2008
I still can't get over the fact that this is at all possible. Who would design a pacemaker that can be manipulated from a distance? Don't they hire people to think of the possible negative consequences?
Pacemakers have been externally programmable for three decades now. Originally, the programming was done by a magnet that rotated a switch on the implanted pulse generator through the skin. RF was used later in conjunction with a reed switch that was activated by a large doughnut magnet in the programming head. Encryption was added later and apparently the reed switch/magnet combination has been dropped to reduce size and weight of the devices, depending only upon encryption.
Any attempt to tamper with the device still requires fairly close proximity or a very large signal. In any event, it would be easier to tamper with someone's car than to mess with an implanted pacemaker. Unless you are a cardiologist with a programmer (are you listening, Dr. Jonathan Reiner?).
posted by Mental Wimp at 10:41 AM on August 13, 2008
Bah. In my day, we'd just shiv someone with an icicle. Gotcher perfect crime right there.
posted by Halloween Jack at 10:44 AM on August 13, 2008
Bah. In my day, we'd just shiv someone with an icicle. Gotcher perfect crime right there.
Other than the fact that your DNA is probably on the person (when you grabbed them to stick the shiv) and all the loud screaming they did with you in the proximity, and that if you don't do the job right they can probably identify you, yeah you got it all figured out, O.J.
posted by spock at 11:02 AM on August 13, 2008
"As I read the post, I thought to myself, "I wonder how long it will be before someone mentions Cheney in the post thread?" And now I know."
Me too, but I was betting it would take at least two posts.
posted by mr_crash_davis at 11:32 AM on August 13, 2008
You don't know how hard it was not to mention Cheney in the FPP itself!
posted by spock at 11:57 AM on August 13, 2008
Spock, I think the answer to your question about hospitals and airplanes is simple paranoia. "KEIEIO coming at you with 50,000 watts of power!" just down the road is bathing your local hospital in more radio waves than a small army of cell phones. To do wireless data transfer there needs to be some sort of handshake between the two devices. (A crappy protocol might cause some equipment to stutter but I'd say if a cell phone will cause you problems, you've got problems already.)
The microwave thing (and big electric motors - as was mentioned in a recent woodworking magazine I read) is an issue of magnetism creating low levels of current in a system that runs on low levels of current. It'd be more like a computer being hit by a voltage surge than being hacked. The expert the magazine talked to seemed to think that most home shop equipment posed little to no danger.
posted by Kid Charlemagne at 12:58 PM on August 13, 2008
On the murder point, if you mess with a pacemaker intentionally and kill someone, you can bet you are going to get charged for some form of murder. Your mental intent went way beyond "oops" and straight into a minimum of reckless disregard or intentional murder. In addition, you likely will get charged with more than one crime, and under the right circumstances and in the right jurisdictions, you may very well cross into a felony for the underlying hacking even if you don't kill someone. Felony murder charges (death resulting from the commission of a felony) blow right through any question of intent to murder and land you with murder 1 charges.
In short, this falls strictly within the "Kids, don't try this at home" category.
posted by Muddler at 1:23 PM on August 13, 2008
Oh, and by the way, I hope to get an implantable cardioverter/defibrillator (ICD) when I reach a certain age. The easiest, fastest way to go is ventricular fibrillation: rapid loss of consciousness, followed by death within minutes, as long as some fool doesn't try to reverse the process. I plan to have a modified programmer for the ICD, so when the time comes to shuffle off this mortal coil, I can hide myself away and induce VFib. No fuss, no muss.
posted by Mental Wimp at 1:53 PM on August 13, 2008
My pacemaker is from Apple
You'll be fine. It's the folks with WinCE hearts that need to worry.
posted by Blazecock Pileon at 1:59 PM on August 13, 2008
Who would design a pacemaker that can be manipulated from a distance? Don't they hire people to think of the possible negative consequences?
If you can't manage them remotely, you'd either have to leave a physical port hanging out of people (which would, I suspect, have a whole bunch of day-to-day issues associated with it), or open up someone's chest cavity every time you want to change their pacemaker settings as they age and their heart's behaviour changes.
For the 99.9% of pacemaker recipients who aren't on a hit list, a pacemaker that's reprogrammable from a wireless connection makes life a lot better.
posted by rodgerd at 3:00 PM on August 13, 2008
How long until Pacemakers become mandatory so we can be "shut off" if we should engage in any kind of "terrorist" activity (such as downloading MP3s or reading the wrong books)? :-)
posted by L_K_M at 12:46 AM on August 14, 2008
That is all.
posted by three blind mice at 7:07 AM on August 13, 2008 [18 favorites]