We’ve probably all heard the hacked pacemaker horror stories: malware that can be directly planted on a pacemaker, hackers remotely controlling devices and the former US Vice President Dick Cheney disabling a wireless feature in his pacemaker to prevent foreign agents from turning the dial up or down and sending Cheney to his grave.
It’s clearly a serious issue. In the US, the Food and Drug Administration recalled almost half a million pacemakers due to fears that they could be hacked to either run the batteries down or even alter the patient’s heartbeat rate.
The vulnerabilities of these devices are certainly taxing the minds of security researchers. These people do an important job searching for vulnerabilities in all sorts of devices, highlighting flaws to manufacturers and detailing their findings in blog posts.
Vulnerabilities in pacemakers first emerged ten years ago and on-going discoveries have been fairly consistent ever since. The vulnerabilities tend to be found in the device protocols such as deploying functionalities to authenticate and control access in the device sensors and setting up of secret keys to protect the confidentiality of data transmitted over the wireless network.
But realistically what is the likelihood of an attack on your pacemaker?
- It’s a given that most of today’s implantable devices can now communicate wirelessly. Further, the coming medical Internet of Things (IoT) is bringing with it various wearable devices to keep healthcare providers and patients more connected.
- Some devices don’t require any authentication, nor is the data encrypted. Anyone sufficiently motivated could change the data in the implant, potentially modifying its behaviour in a dangerous or even fatal way.
- Potential vulnerable devices, alongside pacemakers, include implantable cardioverter defibrillators and drug infusion pumps.
- But hackers can’t access implanted pacemakers from some remote location. To hack one of these devices, the attack has to be conducted in close physical proximity to the victim (within Bluetooth range), and only when the device connects to the internet to send and receive data.
There’s no money in it
- Despite flaws discovered by security researchers there have to date been no reports of hacking attempts on implanted devices or attacks noted in the wild.
- Cyber criminals don’t have the motivation to hack a pacemaker. There’s money to be made by hacking medical servers and holding patient records hostage with ransomware because these are low complexity attacks with high rates of return.
- Hospitals are a prime target for hackers and disabling a server doesn’t carry a murder charge if you’re caught. Hacking an implanted medical device is a very different matter.
The medical industry is playing catch up
- Hacking implanted medical devices are complex and highly technical requiring in-depth knowledge and dedication.
Device manufacturers have not historically developed products with security in mind. In the past, to tamper with a pacemaker, you had to perform surgery.
The rapidly evolving ecosystem around wireless medical devices is therefore putting new security stresses on an industry that’s never had to think about these issues before. Certainly with the growth of connectivity the medical industry is becoming more aware of security issues.
Yet while unlikely, the risk is real and it may be just a question of time until a high-value target becomes the victim of a real-world attack carried out by a foreign intelligence service.