RE: Hackers Can Remotely Manipulate Insulin Pumps

[Guest guest]

Isn't it a bit paranoyid though?

Most of the medical equipment is computerised these days. Hacking to hospital

chart of a VIP/celebrity - maybe of an interest to the tabloids.

To hack to soemthing, you need internet connection. I don't think the insulin

pumps or for that matter, mechanical ventilators, BP machins etc. are " open " for

hacking. In addition, I don't see how hackers even have intersts in that.

Hackers look for fame, to be on the news. I can see a " futuristic title " of

" kid died of hypoglycemic shock due to hacking " but really? Breaking into the

CIA/FBI/ big banks or Co. is the goal of hackers, insulin pump? I don't think

so.

Something is a bit disturbing here, but not on the hacking side, I think.

Merav Levi, RD, MS, CDN

A dietitian, not the food police.

http://www.linkedin.com/in/meravlevi

" Life is not measured by the number of breath you take, but by the moments that

take your breath away. " - Carlin

" People don't forget the truth, they just become better in lying " (Revolutionary

Road)

To: rd-usa

From: nrord1@...

Date: Sat, 13 Aug 2011 16:09:45 -0400

Subject: Hackers Can Remotely Manipulate Insulin Pumps

*To me this is disturbing....*

*Insulin pumps are vulnerable to determined hackers who could also remotely

mess up the readings of blood-sugar monitors, a security researcher who has

diabetes revealed at the Black Hat computer security conference, Las Vegas,

Nevada.*...

In other words, a hacker could cause a diabetic patient to receive either

too much or too little insulin.

Jerome Radcliffe says he experimented on his own equipment. He suspects that

other brands are probably just as vulnerable.

Radcliffe stated that, " My initial reaction was that this was really cool

from a technical perspective. " " The second reaction was one of maybe sheer

terror, to know that there's no security around the devices which are a very

active part of keeping me alive. "

A growing number of medical devices these days are hooked up to

communication systems so that doctors and other professionals can be

involved in a patient's care from a distance. Examples include pacemakers,

operating room monitors, and ICU equipment. In fact, some of these devices

can be remotely controlled.

So far, there have been no reports of hackers messing with medical devices

used by diabetics. However, Radcliffe's findings should be of concern to

medical device makers and those who buy and use them -- the potential is

there.

Even though attacks have been demonstrated on some devices, such as

defibrillators and pacemakers, medical device companies say that these have

been done by skilled professionals and cannot occur outside laboratory

conditions. Perhaps they should check out the skills of some hackers around

the world, some people have suggested.

For hackers, hacking is a goal to reach. If medical devices come into their

sights, and one person manages to mess with things, others might follow

suit, even offering new programs for more sophisticated attacks.

Experts say most devices are vulnerable and do not have advanced processors

which could include sophisticated encryptions.

Radcliffe, who wears an insulin pump, stated that, it can be used with a

remote control to administer insulin. After some effort, he was able to

reprogram it so that it would respond to another remote. He did that with a

USB device. He could see what data the computer with the USB device was

transmitting to the insulin pump and by tweaking the USB device he could

make the pump do more or less whatever he wanted.

The hacker needs to be within about two hundred feet from the patient,

plenty of distance for somebody walking around inside a hospital. Other

devices used by diabetes patients can also be altered remotely.

Scientists at the Massachusetts Institute of Technology and University of

Massachusetts are developing jammers that can be worn: they claim they would

defend medical devices from the hacker's signals. Some have asked whether

this might not also stop doctors from doing their work remotely.

--

Ortiz, MS, RD

*The FRUGAL Dietitian* <http://www.thefrugaldietitian.com>

Check out my blog: mixture of deals and nutrition

Join me on Facebook <http://www.facebook.com/TheFrugalDietitian?ref=ts>

* " If it works and research proven, it wouldn't be called Alternative " *

[Guest guest]

Hackers do it to prove they can in many cases...how many of our emails have

been hacked?? Also it would be a perfect way to commit harm....

>

> Isn't it a bit paranoyid though?

> Most of the medical equipment is computerised these days. Hacking to

> hospital chart of a VIP/celebrity - maybe of an interest to the tabloids.

> To hack to soemthing, you need internet connection. I don't think the

> insulin pumps or for that matter, mechanical ventilators, BP machins etc.

> are " open " for hacking. In addition, I don't see how hackers even have

> intersts in that. Hackers look for fame, to be on the news. I can see a

> " futuristic title " of " kid died of hypoglycemic shock due to hacking " but

> really? Breaking into the CIA/FBI/ big banks or Co. is the goal of hackers,

> insulin pump? I don't think so.

> Something is a bit disturbing here, but not on the hacking side, I think.

>

> Merav Levi, RD, MS, CDN

> A dietitian, not the food police.

>

> http://www.linkedin.com/in/meravlevi

>

>

>

>

>

>

> " Life is not measured by the number of breath you take, but by the moments

> that take your breath away. " - Carlin

> " People don't forget the truth, they just become better in lying "

> (Revolutionary Road)

>

>

>

>

>

>

>

> To: rd-usa

> From: nrord1@...

> Date: Sat, 13 Aug 2011 16:09:45 -0400

> Subject: Hackers Can Remotely Manipulate Insulin Pumps

>

>

>

>

>

>

> *To me this is disturbing....*

> *Insulin pumps are vulnerable to determined hackers who could also remotely

> mess up the readings of blood-sugar monitors, a security researcher who has

> diabetes revealed at the Black Hat computer security conference, Las Vegas,

> Nevada.*...

>

> In other words, a hacker could cause a diabetic patient to receive either

> too much or too little insulin.

>

> Jerome Radcliffe says he experimented on his own equipment. He suspects

> that

> other brands are probably just as vulnerable.

>

> Radcliffe stated that, " My initial reaction was that this was really cool

> from a technical perspective. " " The second reaction was one of maybe sheer

> terror, to know that there's no security around the devices which are a

> very

> active part of keeping me alive. "

> A growing number of medical devices these days are hooked up to

> communication systems so that doctors and other professionals can be

> involved in a patient's care from a distance. Examples include pacemakers,

> operating room monitors, and ICU equipment. In fact, some of these devices

> can be remotely controlled.

>

> So far, there have been no reports of hackers messing with medical devices

> used by diabetics. However, Radcliffe's findings should be of concern to

> medical device makers and those who buy and use them -- the potential is

> there.

>

> Even though attacks have been demonstrated on some devices, such as

> defibrillators and pacemakers, medical device companies say that these have

> been done by skilled professionals and cannot occur outside laboratory

> conditions. Perhaps they should check out the skills of some hackers around

> the world, some people have suggested.

>

> For hackers, hacking is a goal to reach. If medical devices come into their

> sights, and one person manages to mess with things, others might follow

> suit, even offering new programs for more sophisticated attacks.

>

> Experts say most devices are vulnerable and do not have advanced processors

> which could include sophisticated encryptions.

>

> Radcliffe, who wears an insulin pump, stated that, it can be used with a

> remote control to administer insulin. After some effort, he was able to

> reprogram it so that it would respond to another remote. He did that with a

> USB device. He could see what data the computer with the USB device was

> transmitting to the insulin pump and by tweaking the USB device he could

> make the pump do more or less whatever he wanted.

>

> The hacker needs to be within about two hundred feet from the patient,

> plenty of distance for somebody walking around inside a hospital. Other

> devices used by diabetes patients can also be altered remotely.

>

> Scientists at the Massachusetts Institute of Technology and University of

> Massachusetts are developing jammers that can be worn: they claim they

> would

> defend medical devices from the hacker's signals. Some have asked whether

> this might not also stop doctors from doing their work remotely.

>

> --

> Ortiz, MS, RD

> *The FRUGAL Dietitian* <http://www.thefrugaldietitian.com>

> Check out my blog: mixture of deals and nutrition

> Join me on Facebook <http://www.facebook.com/TheFrugalDietitian?ref=ts>

> * " If it works and research proven, it wouldn't be called Alternative " *

>

>

[Guest guest]

This will be a very begginer hacker. Hackers are the most advanced on IT access

and programing etc. Braking into something as simple (IT-wise) as an insuline

pump is " kindergarden matwerial to a hacker). Hacking to an insulin pump sound a

bit of science fiction to me, not because it is not possible technically but bc

it is not interesting, unless you told me our president is a diabetic on a pump,

then we might have a national security issue. But, as far as I know our

President is well and healthy

Merav Levi, RD, MS, CDN

A dietitian, not the food police.

http://www.linkedin.com/in/meravlevi

" Life is not measured by the number of breath you take, but by the moments that

take your breath away. " - Carlin

" People don't forget the truth, they just become better in lying " (Revolutionary

Road)

To: rd-usa

From: nrord1@...

Date: Sun, 14 Aug 2011 15:40:44 -0400

Subject: Re: Hackers Can Remotely Manipulate Insulin Pumps

Hackers do it to prove they can in many cases...how many of our emails have

been hacked?? Also it would be a perfect way to commit harm....

>

> Isn't it a bit paranoyid though?

> Most of the medical equipment is computerised these days. Hacking to

> hospital chart of a VIP/celebrity - maybe of an interest to the tabloids.

> To hack to soemthing, you need internet connection. I don't think the

> insulin pumps or for that matter, mechanical ventilators, BP machins etc.

> are " open " for hacking. In addition, I don't see how hackers even have

> intersts in that. Hackers look for fame, to be on the news. I can see a

> " futuristic title " of " kid died of hypoglycemic shock due to hacking " but

> really? Breaking into the CIA/FBI/ big banks or Co. is the goal of hackers,

> insulin pump? I don't think so.

> Something is a bit disturbing here, but not on the hacking side, I think.

>

> Merav Levi, RD, MS, CDN

> A dietitian, not the food police.

>

> http://www.linkedin.com/in/meravlevi

>

>

>

>

>

>

> " Life is not measured by the number of breath you take, but by the moments

> that take your breath away. " - Carlin

> " People don't forget the truth, they just become better in lying "

> (Revolutionary Road)

>

>

>

>

>

>

>

> To: rd-usa

> From: nrord1@...

> Date: Sat, 13 Aug 2011 16:09:45 -0400

> Subject: Hackers Can Remotely Manipulate Insulin Pumps

>

>

>

>

>

>

> *To me this is disturbing....*

> *Insulin pumps are vulnerable to determined hackers who could also remotely

> mess up the readings of blood-sugar monitors, a security researcher who has

> diabetes revealed at the Black Hat computer security conference, Las Vegas,

> Nevada.*...

>

> In other words, a hacker could cause a diabetic patient to receive either

> too much or too little insulin.

>

> Jerome Radcliffe says he experimented on his own equipment. He suspects

> that

> other brands are probably just as vulnerable.

>

> Radcliffe stated that, " My initial reaction was that this was really cool

> from a technical perspective. " " The second reaction was one of maybe sheer

> terror, to know that there's no security around the devices which are a

> very

> active part of keeping me alive. "

> A growing number of medical devices these days are hooked up to

> communication systems so that doctors and other professionals can be

> involved in a patient's care from a distance. Examples include pacemakers,

> operating room monitors, and ICU equipment. In fact, some of these devices

> can be remotely controlled.

>

> So far, there have been no reports of hackers messing with medical devices

> used by diabetics. However, Radcliffe's findings should be of concern to

> medical device makers and those who buy and use them -- the potential is

> there.

>

> Even though attacks have been demonstrated on some devices, such as

> defibrillators and pacemakers, medical device companies say that these have

> been done by skilled professionals and cannot occur outside laboratory

> conditions. Perhaps they should check out the skills of some hackers around

> the world, some people have suggested.

>

> For hackers, hacking is a goal to reach. If medical devices come into their

> sights, and one person manages to mess with things, others might follow

> suit, even offering new programs for more sophisticated attacks.

>

> Experts say most devices are vulnerable and do not have advanced processors

> which could include sophisticated encryptions.

>

> Radcliffe, who wears an insulin pump, stated that, it can be used with a

> remote control to administer insulin. After some effort, he was able to

> reprogram it so that it would respond to another remote. He did that with a

> USB device. He could see what data the computer with the USB device was

> transmitting to the insulin pump and by tweaking the USB device he could

> make the pump do more or less whatever he wanted.

>

> The hacker needs to be within about two hundred feet from the patient,

> plenty of distance for somebody walking around inside a hospital. Other

> devices used by diabetes patients can also be altered remotely.

>

> Scientists at the Massachusetts Institute of Technology and University of

> Massachusetts are developing jammers that can be worn: they claim they

> would

> defend medical devices from the hacker's signals. Some have asked whether

> this might not also stop doctors from doing their work remotely.

>

> --

> Ortiz, MS, RD

> *The FRUGAL Dietitian* <http://www.thefrugaldietitian.com>

> Check out my blog: mixture of deals and nutrition

> Join me on Facebook <http://www.facebook.com/TheFrugalDietitian?ref=ts>

> * " If it works and research proven, it wouldn't be called Alternative " *

>

>

[Guest guest]

Being an " anti-hacker " is what my husband does for a living.  This is a very

real concern-and he was able to list off why a hacker would be motivated to do

this for a variety of reasons-including any world leader being on a pump.  What

about other important figureheads being forced to do something against their

will because someone has threatened to attack their pump or pacemaker?  And its

not just pumps that are at risk-many other medical devices have bluetooth

access-this is how they go about hacking into these devices.

Most assumptions by good folks about what hackers would and wouldnt do fail to

understand the various motives of bad folks in the spectrum of hackers.

My husband has offered to do a webinar on this topic for health

professionals if there is enough interest.  Please let me know-he's one of the

best in his field (although I am a bit bias!)

Corman

H. Corman, MS, RD, LD

Assistant Director

UNH Dietetic Internship

Hackers Can Remotely Manipulate Insulin Pumps

>

>

>

>

>

>

> *To me this is disturbing....*

> *Insulin pumps are vulnerable to determined hackers who could also remotely

> mess up the readings of blood-sugar monitors, a security researcher who has

> diabetes revealed at the Black Hat computer security conference, Las Vegas,

> Nevada.*...

>

> In other words, a hacker could cause a diabetic patient to receive either

> too much or too little insulin.

>

> Jerome Radcliffe says he experimented on his own equipment. He suspects

> that

> other brands are probably just as vulnerable.

>

> Radcliffe stated that, " My initial reaction was that this was really cool

> from a technical perspective. " " The second reaction was one of maybe sheer

> terror, to know that there's no security around the devices which are a

> very

> active part of keeping me alive. "

> A growing number of medical devices these days are hooked up to

> communication systems so that doctors and other professionals can be

> involved in a patient's care from a distance. Examples include pacemakers,

> operating room monitors, and ICU equipment. In fact, some of these devices

> can be remotely controlled.

>

> So far, there have been no reports of hackers messing with medical devices

> used by diabetics. However, Radcliffe's findings should be of concern to

> medical device makers and those who buy and use them -- the potential is

> there.

>

> Even though attacks have been demonstrated on some devices, such as

> defibrillators and pacemakers, medical device companies say that these have

> been done by skilled professionals and cannot occur outside laboratory

> conditions. Perhaps they should check out the skills of some hackers around

> the world, some people have suggested.

>

> For hackers, hacking is a goal to reach. If medical devices come into their

> sights, and one person manages to mess with things, others might follow

> suit, even offering new programs for more sophisticated attacks.

>

> Experts say most devices are vulnerable and do not have advanced processors

> which could include sophisticated encryptions.

>

> Radcliffe, who wears an insulin pump, stated that, it can be used with a

> remote control to administer insulin. After some effort, he was able to

> reprogram it so that it would respond to another remote. He did that with a

> USB device. He could see what data the computer with the USB device was

> transmitting to the insulin pump and by tweaking the USB device he could

> make the pump do more or less whatever he wanted.

>

> The hacker needs to be within about two hundred feet from the patient,

> plenty of distance for somebody walking around inside a hospital. Other

> devices used by diabetes patients can also be altered remotely.

>

> Scientists at the Massachusetts Institute of Technology and University of

> Massachusetts are developing jammers that can be worn: they claim they

> would

> defend medical devices from the hacker's signals. Some have asked whether

> this might not also stop doctors from doing their work remotely.

>

> --

> Ortiz, MS, RD

> *The FRUGAL Dietitian* <http://www.thefrugaldietitian.com>

> Check out my blog: mixture of deals and nutrition

> Join me on Facebook <http://www.facebook.com/TheFrugalDietitian?ref=ts>

> * " If it works and research proven, it wouldn't be called Alternative " *

>

>

[Guest guest]

My husband would be VERY interested in that subject .

> **

>

>

>

>

> Being an " anti-hacker " is what my husband does for a living. This is a

> very real concern-and he was able to list off why a hacker would be

> motivated to do this for a variety of reasons-including any world leader

> being on a pump. What about other important figureheads being forced to do

> something against their will because someone has threatened to attack their

> pump or pacemaker? And its not just pumps that are at risk-many other

> medical devices have bluetooth access-this is how they go about hacking into

> these devices.

>

> Most assumptions by good folks about what hackers would and wouldnt do fail

> to understand the various motives of bad folks in the spectrum of hackers.

>

> My husband has offered to do a webinar on this topic for health

> professionals if there is enough interest. Please let me know-he's one of

> the best in his field (although I am a bit bias!)

>

> Corman

>

> H. Corman, MS, RD, LD

> Assistant Director

> UNH Dietetic Internship

>

>

> Hackers Can Remotely Manipulate Insulin Pumps

> >

> >

> >

> >

> >

> >

> > *To me this is disturbing....*

> > *Insulin pumps are vulnerable to determined hackers who could also

> remotely

> > mess up the readings of blood-sugar monitors, a security researcher who

> has

> > diabetes revealed at the Black Hat computer security conference, Las

> Vegas,

> > Nevada.*...

> >

> > In other words, a hacker could cause a diabetic patient to receive either

>

> > too much or too little insulin.

> >

> > Jerome Radcliffe says he experimented on his own equipment. He suspects

> > that

> > other brands are probably just as vulnerable.

> >

> > Radcliffe stated that, " My initial reaction was that this was really cool

>

> > from a technical perspective. " " The second reaction was one of maybe

> sheer

> > terror, to know that there's no security around the devices which are a

> > very

> > active part of keeping me alive. "

> > A growing number of medical devices these days are hooked up to

> > communication systems so that doctors and other professionals can be

> > involved in a patient's care from a distance. Examples include

> pacemakers,

> > operating room monitors, and ICU equipment. In fact, some of these

> devices

> > can be remotely controlled.

> >

> > So far, there have been no reports of hackers messing with medical

> devices

> > used by diabetics. However, Radcliffe's findings should be of concern to

> > medical device makers and those who buy and use them -- the potential is

> > there.

> >

> > Even though attacks have been demonstrated on some devices, such as

> > defibrillators and pacemakers, medical device companies say that these

> have

> > been done by skilled professionals and cannot occur outside laboratory

> > conditions. Perhaps they should check out the skills of some hackers

> around

> > the world, some people have suggested.

> >

> > For hackers, hacking is a goal to reach. If medical devices come into

> their

> > sights, and one person manages to mess with things, others might follow

> > suit, even offering new programs for more sophisticated attacks.

> >

> > Experts say most devices are vulnerable and do not have advanced

> processors

> > which could include sophisticated encryptions.

> >

> > Radcliffe, who wears an insulin pump, stated that, it can be used with a

> > remote control to administer insulin. After some effort, he was able to

> > reprogram it so that it would respond to another remote. He did that with

> a

> > USB device. He could see what data the computer with the USB device was

> > transmitting to the insulin pump and by tweaking the USB device he could

> > make the pump do more or less whatever he wanted.

> >

> > The hacker needs to be within about two hundred feet from the patient,

> > plenty of distance for somebody walking around inside a hospital. Other

> > devices used by diabetes patients can also be altered remotely.

> >

> > Scientists at the Massachusetts Institute of Technology and University of

>

> > Massachusetts are developing jammers that can be worn: they claim they

> > would

> > defend medical devices from the hacker's signals. Some have asked whether

>

> > this might not also stop doctors from doing their work remotely.

> >

> > --

> > Ortiz, MS, RD

> > *The FRUGAL Dietitian* <http://www.thefrugaldietitian.com>

> > Check out my blog: mixture of deals and nutrition

> > Join me on Facebook <http://www.facebook.com/TheFrugalDietitian?ref=ts>

> > * " If it works and research proven, it wouldn't be called Alternative " *

> >

> >

[Guest guest]

It is important for RDs to really understand technology security.

Many insulin pumps are now bluetooth equipped. We've talked to folks who are

working on integrating insulin pump functions with iPhone/iPods. What makes

technology work for the user also sometimes makes it work for the folks with not

so good intent.

Hackers do what they do for a number of reasons.

Regards,

pam

Pam Charney, PhD, RD

Pamela Charney and Associates, LLC

consultants in nutrition informatics

Transforming Nutrition Care With Informatics

pcharney@...

http://www.linkedin.com/in/pamcharney

" Those who say it can't be done are usually interrupted by those doing it. " --

Baldwin

>

>

> Being an " anti-hacker " is what my husband does for a living. This is a very

real concern-and he was able to list off why a hacker would be motivated to do

this for a variety of reasons-including any world leader being on a pump. What

about other important figureheads being forced to do something against their

will because someone has threatened to attack their pump or pacemaker? And its

not just pumps that are at risk-many other medical devices have bluetooth

access-this is how they go about hacking into these devices.

>

> Most assumptions by good folks about what hackers would and wouldnt do fail to

understand the various motives of bad folks in the spectrum of hackers.

>

> My husband has offered to do a webinar on this topic for health professionals

if there is enough interest. Please let me know-he's one of the best in his

field (although I am a bit bias!)

>

> Corman

>

> H. Corman, MS, RD, LD

> Assistant Director

> UNH Dietetic Internship

>

>

> Hackers Can Remotely Manipulate Insulin Pumps

> >

> >

> >

> >

> >

> >

> > *To me this is disturbing....*

> > *Insulin pumps are vulnerable to determined hackers who could also remotely

> > mess up the readings of blood-sugar monitors, a security researcher who has

> > diabetes revealed at the Black Hat computer security conference, Las Vegas,

> > Nevada.*...

> >

> > In other words, a hacker could cause a diabetic patient to receive either

> > too much or too little insulin.

> >

> > Jerome Radcliffe says he experimented on his own equipment. He suspects

> > that

> > other brands are probably just as vulnerable.

> >

> > Radcliffe stated that, " My initial reaction was that this was really cool

> > from a technical perspective. " " The second reaction was one of maybe sheer

> > terror, to know that there's no security around the devices which are a

> > very

> > active part of keeping me alive. "

> > A growing number of medical devices these days are hooked up to

> > communication systems so that doctors and other professionals can be

> > involved in a patient's care from a distance. Examples include pacemakers,

> > operating room monitors, and ICU equipment. In fact, some of these devices

> > can be remotely controlled.

> >

> > So far, there have been no reports of hackers messing with medical devices

> > used by diabetics. However, Radcliffe's findings should be of concern to

> > medical device makers and those who buy and use them -- the potential is

> > there.

> >

> > Even though attacks have been demonstrated on some devices, such as

> > defibrillators and pacemakers, medical device companies say that these have

> > been done by skilled professionals and cannot occur outside laboratory

> > conditions. Perhaps they should check out the skills of some hackers around

> > the world, some people have suggested.

> >

> > For hackers, hacking is a goal to reach. If medical devices come into their

> > sights, and one person manages to mess with things, others might follow

> > suit, even offering new programs for more sophisticated attacks.

> >

> > Experts say most devices are vulnerable and do not have advanced processors

> > which could include sophisticated encryptions.

> >

> > Radcliffe, who wears an insulin pump, stated that, it can be used with a

> > remote control to administer insulin. After some effort, he was able to

> > reprogram it so that it would respond to another remote. He did that with a

> > USB device. He could see what data the computer with the USB device was

> > transmitting to the insulin pump and by tweaking the USB device he could

> > make the pump do more or less whatever he wanted.

> >

> > The hacker needs to be within about two hundred feet from the patient,

> > plenty of distance for somebody walking around inside a hospital. Other

> > devices used by diabetes patients can also be altered remotely.

> >

> > Scientists at the Massachusetts Institute of Technology and University of

> > Massachusetts are developing jammers that can be worn: they claim they

> > would

> > defend medical devices from the hacker's signals. Some have asked whether

> > this might not also stop doctors from doing their work remotely.

> >

> > --

> > Ortiz, MS, RD

> > *The FRUGAL Dietitian* <http://www.thefrugaldietitian.com>

> > Check out my blog: mixture of deals and nutrition

> > Join me on Facebook <http://www.facebook.com/TheFrugalDietitian?ref=ts>

> > * " If it works and research proven, it wouldn't be called Alternative " *

> >

> >

[Guest guest]

I would be interested . Tell your husband thanks for the offer!!!

Jacquelyn A. Pressly, RD, CLT

The NATURAL dietitian

Specializing in Wellness and Prevention, Personal Nutrition Coaching

and Designer Lifestyle Plans to help you get on the health track

Northeast Ohio & Western Pennsylvania

Internet and telecounseling available for distance clients

jpress50@...

If you are what you eat, then dietitians are the doctors of the future

Re: Hackers Can Remotely Manipulate Insulin Pumps

Being an " anti-hacker " is what my husband does for a living. This is a very

real concern-and he was able to list off why a hacker would be motivated to do

this for a variety of reasons-including any world leader being on a pump. What

about other important figureheads being forced to do something against their

will because someone has threatened to attack their pump or pacemaker? And its

not just pumps that are at risk-many other medical devices have bluetooth

access-this is how they go about hacking into these devices.

Most assumptions by good folks about what hackers would and wouldnt do fail to

understand the various motives of bad folks in the spectrum of hackers.

My husband has offered to do a webinar on this topic for health professionals if

there is enough interest. Please let me know-he's one of the best in his field

(although I am a bit bias!)

Corman

H. Corman, MS, RD, LD

Assistant Director

UNH Dietetic Internship

Hackers Can Remotely Manipulate Insulin Pumps

>

>

>

>

>

>

> *To me this is disturbing....*

> *Insulin pumps are vulnerable to determined hackers who could also remotely

> mess up the readings of blood-sugar monitors, a security researcher who has

> diabetes revealed at the Black Hat computer security conference, Las Vegas,

> Nevada.*...

>

> In other words, a hacker could cause a diabetic patient to receive either

> too much or too little insulin.

>

> Jerome Radcliffe says he experimented on his own equipment. He suspects

> that

> other brands are probably just as vulnerable.

>

> Radcliffe stated that, " My initial reaction was that this was really cool

> from a technical perspective. " " The second reaction was one of maybe sheer

> terror, to know that there's no security around the devices which are a

> very

> active part of keeping me alive. "

> A growing number of medical devices these days are hooked up to

> communication systems so that doctors and other professionals can be

> involved in a patient's care from a distance. Examples include pacemakers,

> operating room monitors, and ICU equipment. In fact, some of these devices

> can be remotely controlled.

>

> So far, there have been no reports of hackers messing with medical devices

> used by diabetics. However, Radcliffe's findings should be of concern to

> medical device makers and those who buy and use them -- the potential is

> there.

>

> Even though attacks have been demonstrated on some devices, such as

> defibrillators and pacemakers, medical device companies say that these have

> been done by skilled professionals and cannot occur outside laboratory

> conditions. Perhaps they should check out the skills of some hackers around

> the world, some people have suggested.

>

> For hackers, hacking is a goal to reach. If medical devices come into their

> sights, and one person manages to mess with things, others might follow

> suit, even offering new programs for more sophisticated attacks.

>

> Experts say most devices are vulnerable and do not have advanced processors

> which could include sophisticated encryptions.

>

> Radcliffe, who wears an insulin pump, stated that, it can be used with a

> remote control to administer insulin. After some effort, he was able to

> reprogram it so that it would respond to another remote. He did that with a

> USB device. He could see what data the computer with the USB device was

> transmitting to the insulin pump and by tweaking the USB device he could

> make the pump do more or less whatever he wanted.

>

> The hacker needs to be within about two hundred feet from the patient,

> plenty of distance for somebody walking around inside a hospital. Other

> devices used by diabetes patients can also be altered remotely.

>

> Scientists at the Massachusetts Institute of Technology and University of

> Massachusetts are developing jammers that can be worn: they claim they

> would

> defend medical devices from the hacker's signals. Some have asked whether

> this might not also stop doctors from doing their work remotely.

>

> --

> Ortiz, MS, RD

> *The FRUGAL Dietitian* <http://www.thefrugaldietitian.com>

> Check out my blog: mixture of deals and nutrition

> Join me on Facebook <http://www.facebook.com/TheFrugalDietitian?ref=ts>

> * " If it works and research proven, it wouldn't be called Alternative " *

>

>

[Guest guest]

Hi ,

I am the chair of ADA's Nutrition Entrepreneurs Technology & Social

Media specialty. While it would be interesting to learn how medical

devices can be hacked into, an issue that has plagues many dietitians is

getting their social media and email accounts hacked. I wonder if your

husband would be interested in doing a webinar for NE on these topics of

hacking and what additional ideas you / he has for how to prevent

getting hacked?

healthy regards,

Joanne Larsen MS RD LD

NE Technology & Social Media chair

>

>

>

> Being an " anti-hacker " is what my husband does for a living. This is

> a very real concern-and he was able to list off why a hacker would be

> motivated to do this for a variety of reasons-including any world

> leader being on a pump. What about other important figureheads being

> forced to do something against their will because someone has

> threatened to attack their pump or pacemaker? And its not just pumps

> that are at risk-many other medical devices have bluetooth access-this

> is how they go about hacking into these devices.

>

> Most assumptions by good folks about what hackers would and wouldnt do

> fail to understand the various motives of bad folks in the spectrum of

> hackers.

>

> My husband has offered to do a webinar on this topic for health

> professionals if there is enough interest. Please let me know-he's

> one of the best in his field (although I am a bit bias!)

>

> Corman

>

> H. Corman, MS, RD, LD

> Assistant Director

> UNH Dietetic Internship

>

>

> Hackers Can Remotely Manipulate Insulin Pumps

> >

> >

> >

> >

> >

> >

> > *To me this is disturbing....*

> > *Insulin pumps are vulnerable to determined hackers who could also

> remotely

> > mess up the readings of blood-sugar monitors, a security researcher

> who has

> > diabetes revealed at the Black Hat computer security conference, Las

> Vegas,

> > Nevada.*...

> >

> > In other words, a hacker could cause a diabetic patient to receive

> either

> > too much or too little insulin.

> >

> > Jerome Radcliffe says he experimented on his own equipment. He suspects

> > that

> > other brands are probably just as vulnerable.

> >

> > Radcliffe stated that, " My initial reaction was that this was really

> cool

> > from a technical perspective. " " The second reaction was one of maybe

> sheer

> > terror, to know that there's no security around the devices which are a

> > very

> > active part of keeping me alive. "

> > A growing number of medical devices these days are hooked up to

> > communication systems so that doctors and other professionals can be

> > involved in a patient's care from a distance. Examples include

> pacemakers,

> > operating room monitors, and ICU equipment. In fact, some of these

> devices

> > can be remotely controlled.

> >

> > So far, there have been no reports of hackers messing with medical

> devices

> > used by diabetics. However, Radcliffe's findings should be of

> concern to

> > medical device makers and those who buy and use them -- the

> potential is

> > there.

> >

> > Even though attacks have been demonstrated on some devices, such as

> > defibrillators and pacemakers, medical device companies say that

> these have

> > been done by skilled professionals and cannot occur outside laboratory

> > conditions. Perhaps they should check out the skills of some hackers

> around

> > the world, some people have suggested.

> >

> > For hackers, hacking is a goal to reach. If medical devices come

> into their

> > sights, and one person manages to mess with things, others might follow

> > suit, even offering new programs for more sophisticated attacks.

> >

> > Experts say most devices are vulnerable and do not have advanced

> processors

> > which could include sophisticated encryptions.

> >

> > Radcliffe, who wears an insulin pump, stated that, it can be used

> with a

> > remote control to administer insulin. After some effort, he was able to

> > reprogram it so that it would respond to another remote. He did that

> with a

> > USB device. He could see what data the computer with the USB device was

> > transmitting to the insulin pump and by tweaking the USB device he

> could

> > make the pump do more or less whatever he wanted.

> >

> > The hacker needs to be within about two hundred feet from the patient,

> > plenty of distance for somebody walking around inside a hospital. Other

> > devices used by diabetes patients can also be altered remotely.

> >

> > Scientists at the Massachusetts Institute of Technology and

> University of

> > Massachusetts are developing jammers that can be worn: they claim they

> > would

> > defend medical devices from the hacker's signals. Some have asked

> whether

> > this might not also stop doctors from doing their work remotely.

> >

> > --

> > Ortiz, MS, RD

> > *The FRUGAL Dietitian* <http://www.thefrugaldietitian.com>

> > Check out my blog: mixture of deals and nutrition

> > Join me on Facebook <http://www.facebook.com/TheFrugalDietitian?ref=ts>

> > * " If it works and research proven, it wouldn't be called Alternative " *

> >

> >

[Guest guest]

I am all for secirity. I am sure, also, that 's husband job is geared

towards corporations, or occupations that are online or have online access, have

sensitive information that should not be easily accessed. Yes, I also saw it on

the news the developing of an iphone app for diabetes, which I think is great.

What I am saying - the possibility of an access is very possible. The desire of

a hacker to do so, is a whole different story, and this is where I strongly

disagree. While I dont know the " hacker state of mind " , I do know the terrorist

train of thought (previous training) and a hacker is a computer " terrorist " , if

you will. With no great publicity,a form of protest, political/social etc

statement, the hacker, like the terrorist, is not intersted. Please, do explain

what a hacker will gain from changing my insulin pump setting and make me die of

hypo-shock? Will you hear it in the news? I am not that famos. Create fear? I

think e-mails like that feed on that fear more then the actual possibility. To

me, it looks like an attempt to raise fear from nothing and maybe gain something

for the " anti-hacking " job market.

But I can conclude to agree to disagree. Prove me wrong with the first report of

hacking to ANY small medical device (not an e-chart). After all, anti-hacking "

business was born after the first hacking happened. and yes, we would like to be

on the " preventive " side, we still have to live in the real world, with no

un-realistic fear involved. IN m opinion, this fear is not real.

Merav Levi, RD, MS, CDNA dietitian, not the food police.

http://www.linkedin.com/in/meravlevi

" Life is not measured by the number of breath you take, but by the moments that

take your breath away. " - Carlin " People don't forget the truth, they just

become better in lying " (Revolutionary Road)

To: rd-usa

From: Jpress50@...

Date: Mon, 15 Aug 2011 12:33:09 -0400

Subject: Re: Hackers Can Remotely Manipulate Insulin Pumps

I would be interested . Tell your husband thanks for the offer!!!

Jacquelyn A. Pressly, RD, CLT

The NATURAL dietitian

Specializing in Wellness and Prevention, Personal Nutrition Coaching

and Designer Lifestyle Plans to help you get on the health track

Northeast Ohio & Western Pennsylvania

Internet and telecounseling available for distance clients

jpress50@...

If you are what you eat, then dietitians are the doctors of the future

Re: Hackers Can Remotely Manipulate Insulin Pumps

Being an " anti-hacker " is what my husband does for a living. This is a very real

concern-and he was able to list off why a hacker would be motivated to do this

for a variety of reasons-including any world leader being on a pump. What about

other important figureheads being forced to do something against their will

because someone has threatened to attack their pump or pacemaker? And its not

just pumps that are at risk-many other medical devices have bluetooth

access-this is how they go about hacking into these devices.

Most assumptions by good folks about what hackers would and wouldnt do fail to

understand the various motives of bad folks in the spectrum of hackers.

My husband has offered to do a webinar on this topic for health professionals if

there is enough interest. Please let me know-he's one of the best in his field

(although I am a bit bias!)

Corman

H. Corman, MS, RD, LD

Assistant Director

UNH Dietetic Internship

Hackers Can Remotely Manipulate Insulin Pumps

>

>

>

>

>

>

> *To me this is disturbing....*

> *Insulin pumps are vulnerable to determined hackers who could also remotely

> mess up the readings of blood-sugar monitors, a security researcher who has

> diabetes revealed at the Black Hat computer security conference, Las Vegas,

> Nevada.*...

>

> In other words, a hacker could cause a diabetic patient to receive either

> too much or too little insulin.

>

> Jerome Radcliffe says he experimented on his own equipment. He suspects

> that

> other brands are probably just as vulnerable.

>

> Radcliffe stated that, " My initial reaction was that this was really cool

> from a technical perspective. " " The second reaction was one of maybe sheer

> terror, to know that there's no security around the devices which are a

> very

> active part of keeping me alive. "

> A growing number of medical devices these days are hooked up to

> communication systems so that doctors and other professionals can be

> involved in a patient's care from a distance. Examples include pacemakers,

> operating room monitors, and ICU equipment. In fact, some of these devices

> can be remotely controlled.

>

> So far, there have been no reports of hackers messing with medical devices

> used by diabetics. However, Radcliffe's findings should be of concern to

> medical device makers and those who buy and use them -- the potential is

> there.

>

> Even though attacks have been demonstrated on some devices, such as

> defibrillators and pacemakers, medical device companies say that these have

> been done by skilled professionals and cannot occur outside laboratory

> conditions. Perhaps they should check out the skills of some hackers around

> the world, some people have suggested.

>

> For hackers, hacking is a goal to reach. If medical devices come into their

> sights, and one person manages to mess with things, others might follow

> suit, even offering new programs for more sophisticated attacks.

>

> Experts say most devices are vulnerable and do not have advanced processors

> which could include sophisticated encryptions.

>

> Radcliffe, who wears an insulin pump, stated that, it can be used with a

> remote control to administer insulin. After some effort, he was able to

> reprogram it so that it would respond to another remote. He did that with a

> USB device. He could see what data the computer with the USB device was

> transmitting to the insulin pump and by tweaking the USB device he could

> make the pump do more or less whatever he wanted.

>

> The hacker needs to be within about two hundred feet from the patient,

> plenty of distance for somebody walking around inside a hospital. Other

> devices used by diabetes patients can also be altered remotely.

>

> Scientists at the Massachusetts Institute of Technology and University of

> Massachusetts are developing jammers that can be worn: they claim they

> would

> defend medical devices from the hacker's signals. Some have asked whether

> this might not also stop doctors from doing their work remotely.

>

> --

> Ortiz, MS, RD

> *The FRUGAL Dietitian* <http://www.thefrugaldietitian.com>

> Check out my blog: mixture of deals and nutrition

> Join me on Facebook <http://www.facebook.com/TheFrugalDietitian?ref=ts>

> * " If it works and research proven, it wouldn't be called Alternative " *

>

>

[Guest guest]

Why do kids bash in mailboxes, do graffiti, steal traffic signs (which

causes death) because they can and they want to see if they can get away

with it.

>

> I am all for secirity. I am sure, also, that 's husband job is geared

> towards corporations, or occupations that are online or have online access,

> have sensitive information that should not be easily accessed. Yes, I also

> saw it on the news the developing of an iphone app for diabetes, which I

> think is great. What I am saying - the possibility of an access is very

> possible. The desire of a hacker to do so, is a whole different story, and

> this is where I strongly disagree. While I dont know the " hacker state of

> mind " , I do know the terrorist train of thought (previous training) and a

> hacker is a computer " terrorist " , if you will. With no great publicity,a

> form of protest, political/social etc statement, the hacker, like the

> terrorist, is not intersted. Please, do explain what a hacker will gain from

> changing my insulin pump setting and make me die of hypo-shock? Will you

> hear it in the news? I am not that famos. Create fear? I think e-mails like

> that feed on that fear more then the actual possibility. To me, it looks

> like an attempt to raise fear from nothing and maybe gain something for the

> " anti-hacking " job market.

> But I can conclude to agree to disagree. Prove me wrong with the first

> report of hacking to ANY small medical device (not an e-chart). After all,

> anti-hacking " business was born after the first hacking happened. and yes,

> we would like to be on the " preventive " side, we still have to live in the

> real world, with no un-realistic fear involved. IN m opinion, this fear is

> not real.

>

> Merav Levi, RD, MS, CDNA dietitian, not the food police.

> http://www.linkedin.com/in/meravlevi

>

> " Life is not measured by the number of breath you take, but by the moments

> that take your breath away. " - Carlin " People don't forget the truth,

> they just become better in lying " (Revolutionary Road)

>

>

> To: rd-usa

> From: Jpress50@...

> Date: Mon, 15 Aug 2011 12:33:09 -0400

> Subject: Re: Hackers Can Remotely Manipulate Insulin Pumps

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

> I would be interested . Tell your husband thanks for the offer!!!

>

>

>

> Jacquelyn A. Pressly, RD, CLT

>

> The NATURAL dietitian

>

> Specializing in Wellness and Prevention, Personal Nutrition Coaching

>

> and Designer Lifestyle Plans to help you get on the health track

>

> Northeast Ohio & Western Pennsylvania

>

> Internet and telecounseling available for distance clients

>

>

>

> jpress50@...

>

>

>

> If you are what you eat, then dietitians are the doctors of the future

>

>

>

> Re: Hackers Can Remotely Manipulate Insulin Pumps

>

>

>

> Being an " anti-hacker " is what my husband does for a living. This is a very

> real concern-and he was able to list off why a hacker would be motivated to

> do this for a variety of reasons-including any world leader being on a pump.

> What about other important figureheads being forced to do something against

> their will because someone has threatened to attack their pump or pacemaker?

> And its not just pumps that are at risk-many other medical devices have

> bluetooth access-this is how they go about hacking into these devices.

>

>

>

> Most assumptions by good folks about what hackers would and wouldnt do fail

> to understand the various motives of bad folks in the spectrum of hackers.

>

>

>

> My husband has offered to do a webinar on this topic for health

> professionals if there is enough interest. Please let me know-he's one of

> the best in his field (although I am a bit bias!)

>

>

>

> Corman

>

>

>

> H. Corman, MS, RD, LD

>

> Assistant Director

>

> UNH Dietetic Internship

>

>

>

>

>

> Hackers Can Remotely Manipulate Insulin Pumps

>

> >

>

> >

>

> >

>

> >

>

> >

>

> >

>

> > *To me this is disturbing....*

>

> > *Insulin pumps are vulnerable to determined hackers who could also

> remotely

>

> > mess up the readings of blood-sugar monitors, a security researcher who

> has

>

> > diabetes revealed at the Black Hat computer security conference, Las

> Vegas,

>

> > Nevada.*...

>

> >

>

> > In other words, a hacker could cause a diabetic patient to receive either

>

> > too much or too little insulin.

>

> >

>

> > Jerome Radcliffe says he experimented on his own equipment. He suspects

>

> > that

>

> > other brands are probably just as vulnerable.

>

> >

>

> > Radcliffe stated that, " My initial reaction was that this was really cool

>

> > from a technical perspective. " " The second reaction was one of maybe

> sheer

>

> > terror, to know that there's no security around the devices which are a

>

> > very

>

> > active part of keeping me alive. "

>

> > A growing number of medical devices these days are hooked up to

>

> > communication systems so that doctors and other professionals can be

>

> > involved in a patient's care from a distance. Examples include

> pacemakers,

>

> > operating room monitors, and ICU equipment. In fact, some of these

> devices

>

> > can be remotely controlled.

>

> >

>

> > So far, there have been no reports of hackers messing with medical

> devices

>

> > used by diabetics. However, Radcliffe's findings should be of concern to

>

> > medical device makers and those who buy and use them -- the potential is

>

> > there.

>

> >

>

> > Even though attacks have been demonstrated on some devices, such as

>

> > defibrillators and pacemakers, medical device companies say that these

> have

>

> > been done by skilled professionals and cannot occur outside laboratory

>

> > conditions. Perhaps they should check out the skills of some hackers

> around

>

> > the world, some people have suggested.

>

> >

>

> > For hackers, hacking is a goal to reach. If medical devices come into

> their

>

> > sights, and one person manages to mess with things, others might follow

>

> > suit, even offering new programs for more sophisticated attacks.

>

> >

>

> > Experts say most devices are vulnerable and do not have advanced

> processors

>

> > which could include sophisticated encryptions.

>

> >

>

> > Radcliffe, who wears an insulin pump, stated that, it can be used with a

>

> > remote control to administer insulin. After some effort, he was able to

>

> > reprogram it so that it would respond to another remote. He did that with

> a

>

> > USB device. He could see what data the computer with the USB device was

>

> > transmitting to the insulin pump and by tweaking the USB device he could

>

> > make the pump do more or less whatever he wanted.

>

> >

>

> > The hacker needs to be within about two hundred feet from the patient,

>

> > plenty of distance for somebody walking around inside a hospital. Other

>

> > devices used by diabetes patients can also be altered remotely.

>

> >

>

> > Scientists at the Massachusetts Institute of Technology and University of

>

> > Massachusetts are developing jammers that can be worn: they claim they

>

> > would

>

> > defend medical devices from the hacker's signals. Some have asked whether

>

> > this might not also stop doctors from doing their work remotely.

>

> >

>

> > --

>

> > Ortiz, MS, RD

>

> > *The FRUGAL Dietitian* <http://www.thefrugaldietitian.com>

>

> > Check out my blog: mixture of deals and nutrition

>

> > Join me on Facebook <http://www.facebook.com/TheFrugalDietitian?ref=ts>

>

> > * " If it works and research proven, it wouldn't be called Alternative " *

>

> >

>

> >

[Guest guest]

only hackers are beyond that. Its about showing how smart they are, not that

they can vandalize. A hacker will be insulted in the hacking spciety for hacking

into an insulin pump.

Merav Levi, RD, MS, CDNA dietitian, not the food police.

http://www.linkedin.com/in/meravlevi

" Life is not measured by the number of breath you take, but by the moments that

take your breath away. " - Carlin " People don't forget the truth, they just

become better in lying " (Revolutionary Road)

To: rd-usa

From: nrord1@...

Date: Mon, 15 Aug 2011 19:37:40 -0400

Subject: Re: Hackers Can Remotely Manipulate Insulin Pumps

Why do kids bash in mailboxes, do graffiti, steal traffic signs (which

causes death) because they can and they want to see if they can get away

with it.

>

> I am all for secirity. I am sure, also, that 's husband job is geared

> towards corporations, or occupations that are online or have online access,

> have sensitive information that should not be easily accessed. Yes, I also

> saw it on the news the developing of an iphone app for diabetes, which I

> think is great. What I am saying - the possibility of an access is very

> possible. The desire of a hacker to do so, is a whole different story, and

> this is where I strongly disagree. While I dont know the " hacker state of

> mind " , I do know the terrorist train of thought (previous training) and a

> hacker is a computer " terrorist " , if you will. With no great publicity,a

> form of protest, political/social etc statement, the hacker, like the

> terrorist, is not intersted. Please, do explain what a hacker will gain from

> changing my insulin pump setting and make me die of hypo-shock? Will you

> hear it in the news? I am not that famos. Create fear? I think e-mails like

> that feed on that fear more then the actual possibility. To me, it looks

> like an attempt to raise fear from nothing and maybe gain something for the

> " anti-hacking " job market.

> But I can conclude to agree to disagree. Prove me wrong with the first

> report of hacking to ANY small medical device (not an e-chart). After all,

> anti-hacking " business was born after the first hacking happened. and yes,

> we would like to be on the " preventive " side, we still have to live in the

> real world, with no un-realistic fear involved. IN m opinion, this fear is

> not real.

>

> Merav Levi, RD, MS, CDNA dietitian, not the food police.

> http://www.linkedin.com/in/meravlevi

>

> " Life is not measured by the number of breath you take, but by the moments

> that take your breath away. " - Carlin " People don't forget the truth,

> they just become better in lying " (Revolutionary Road)

>

>

> To: rd-usa

> From: Jpress50@...

> Date: Mon, 15 Aug 2011 12:33:09 -0400

> Subject: Re: Hackers Can Remotely Manipulate Insulin Pumps

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

>

> I would be interested . Tell your husband thanks for the offer!!!

>

>

>

> Jacquelyn A. Pressly, RD, CLT

>

> The NATURAL dietitian

>

> Specializing in Wellness and Prevention, Personal Nutrition Coaching

>

> and Designer Lifestyle Plans to help you get on the health track

>

> Northeast Ohio & Western Pennsylvania

>

> Internet and telecounseling available for distance clients

>

>

>

> jpress50@...

>

>

>

> If you are what you eat, then dietitians are the doctors of the future

>

>

>

> Re: Hackers Can Remotely Manipulate Insulin Pumps

>

>

>

> Being an " anti-hacker " is what my husband does for a living. This is a very

> real concern-and he was able to list off why a hacker would be motivated to

> do this for a variety of reasons-including any world leader being on a pump.

> What about other important figureheads being forced to do something against

> their will because someone has threatened to attack their pump or pacemaker?

> And its not just pumps that are at risk-many other medical devices have

> bluetooth access-this is how they go about hacking into these devices.

>

>

>

> Most assumptions by good folks about what hackers would and wouldnt do fail

> to understand the various motives of bad folks in the spectrum of hackers.

>

>

>

> My husband has offered to do a webinar on this topic for health

> professionals if there is enough interest. Please let me know-he's one of

> the best in his field (although I am a bit bias!)

>

>

>

> Corman

>

>

>

> H. Corman, MS, RD, LD

>

> Assistant Director

>

> UNH Dietetic Internship

>

>

>

>

>

> Hackers Can Remotely Manipulate Insulin Pumps

>

> >

>

> >

>

> >

>

> >

>

> >

>

> >

>

> > *To me this is disturbing....*

>

> > *Insulin pumps are vulnerable to determined hackers who could also

> remotely

>

> > mess up the readings of blood-sugar monitors, a security researcher who

> has

>

> > diabetes revealed at the Black Hat computer security conference, Las

> Vegas,

>

> > Nevada.*...

>

> >

>

> > In other words, a hacker could cause a diabetic patient to receive either

>

> > too much or too little insulin.

>

> >

>

> > Jerome Radcliffe says he experimented on his own equipment. He suspects

>

> > that

>

> > other brands are probably just as vulnerable.

>

> >

>

> > Radcliffe stated that, " My initial reaction was that this was really cool

>

> > from a technical perspective. " " The second reaction was one of maybe

> sheer

>

> > terror, to know that there's no security around the devices which are a

>

> > very

>

> > active part of keeping me alive. "

>

> > A growing number of medical devices these days are hooked up to

>

> > communication systems so that doctors and other professionals can be

>

> > involved in a patient's care from a distance. Examples include

> pacemakers,

>

> > operating room monitors, and ICU equipment. In fact, some of these

> devices

>

> > can be remotely controlled.

>

> >

>

> > So far, there have been no reports of hackers messing with medical

> devices

>

> > used by diabetics. However, Radcliffe's findings should be of concern to

>

> > medical device makers and those who buy and use them -- the potential is

>

> > there.

>

> >

>

> > Even though attacks have been demonstrated on some devices, such as

>

> > defibrillators and pacemakers, medical device companies say that these

> have

>

> > been done by skilled professionals and cannot occur outside laboratory

>

> > conditions. Perhaps they should check out the skills of some hackers

> around

>

> > the world, some people have suggested.

>

> >

>

> > For hackers, hacking is a goal to reach. If medical devices come into

> their

>

> > sights, and one person manages to mess with things, others might follow

>

> > suit, even offering new programs for more sophisticated attacks.

>

> >

>

> > Experts say most devices are vulnerable and do not have advanced

> processors

>

> > which could include sophisticated encryptions.

>

> >

>

> > Radcliffe, who wears an insulin pump, stated that, it can be used with a

>

> > remote control to administer insulin. After some effort, he was able to

>

> > reprogram it so that it would respond to another remote. He did that with

> a

>

> > USB device. He could see what data the computer with the USB device was

>

> > transmitting to the insulin pump and by tweaking the USB device he could

>

> > make the pump do more or less whatever he wanted.

>

> >

>

> > The hacker needs to be within about two hundred feet from the patient,

>

> > plenty of distance for somebody walking around inside a hospital. Other

>

> > devices used by diabetes patients can also be altered remotely.

>

> >

>

> > Scientists at the Massachusetts Institute of Technology and University of

>

> > Massachusetts are developing jammers that can be worn: they claim they

>

> > would

>

> > defend medical devices from the hacker's signals. Some have asked whether

>

> > this might not also stop doctors from doing their work remotely.

>

> >

>

> > --

>

> > Ortiz, MS, RD

>

> > *The FRUGAL Dietitian* <http://www.thefrugaldietitian.com>

>

> > Check out my blog: mixture of deals and nutrition

>

> > Join me on Facebook <http://www.facebook.com/TheFrugalDietitian?ref=ts>

>

> > * " If it works and research proven, it wouldn't be called Alternative " *

>

> >

>

> >