I assume that you have heard of Ransomware, when hackers take control of your computer and important files in your system and ask for money to release it ? Just imagine someone doing the same with your dad’s pacemaker and your mom’s insulin pump ? . Its no more a plot from any Tv show or from any Hollywood movies . A new bread of hackers are capable of doing such nasty stuff in reality. Former American Vice President Dick Cheney disabled the capabilities of wireless access on his pacemaker in 2007 itself ( Foresight huh ? ) .
Majority of our critical health implants are equipped with wireless technology , this is just to monitor and manage those devices without operating and touch it again and again. But now these wireless features are going to be a life threatening feature for many of us. growth of technology is useful , but what if people start misusing the technology for nefarious goals ? . By now, we’ve grown relatively accustomed to the idea that Internet of Things devices are inherently vulnerable. Left un patched, they can be exploited by attackers in ingenious and destructive ways. When an Internet-connected device is implanted in your body to help you maintain your heart rate or regulate the insulin in your bloodstream, bad security can quite literally be hazardous to your health.
Whats the real danger ?
Since these BioMed implants are communicating with the help of radio frequency , once attackers gain access to a biomedical device, they could use a radio replay attack—intercepting signals sent by the device, altering them, and sending them back. For example, attackers could alter an insulin pump to increase the flow of insulin to a diabetic patient’s bloodstream. Radio replay vulnerabilities are the most common flaw in medical devices, Gupta says, because most devices transmit their data unencrypted. “Let’s say the device is supposed to deliver 0.2 milligrams of insulin every hour,” he says. “An attacker could change that to 20mg every 2 seconds,” killing the patient rather quickly.
Hackers could also “Victimise physicians” by giving them false information or they can alter the information in realtime . A black hat also can manipulate a heartbeat monitor . When a patient is having / or showing the symptoms of heart attack , he can shows the pulses are normal in the monitor. What is a hacker manipulate a normal heart rate to heart attack level ? this scenario could prompt a physician to jolt the patient with 300 volts of electricity..
Many connected bio med devices lack basic protections against common attacks precisely because they weren’t initially designed to even connect to a network. According to a June 2017 report by the Health Care Industry Cybersecurity Task Force, a single piece of legacy technology equipment contained more than 1,400 vulnerabilities.
Devices that connect wirelessly to other equipment can also be compromised. A black hat Hacker has to do is figure out how to intercept that traffic and amplify the signal. Best part is some devices can be attacked from a surprising distance, In most cases, you have to be within a certain range, but using a good directional antenna, you would be able to compromise some devices from a half mile away . Scary huh ?. Connected medical devices’ biggest security problem. The most troubling thing is the fact that most health care providers don’t have a single cyber security person on staff.
Cybersecurity is getting a lot of attention, as it spans across all critical infrastructure, It’s important to be proactive to strengthen security. Hacker attacks and viruses could target an entire hospital network, which could compromise patient information, both in terms of data theft and the ability for the hospital to access accurate information to treat patients. An attack could also be used as a way to extort money from a device maker.
Binosh Alex Bruce ,
Cyber Security Consultant & Cyber Crime Forensic Investigator
credits : MIT, The parallax & ASME