Hackers Can Remotely Manipulate Insulin Pumps

[Guest guest]

*To me this is disturbing....*

*Insulin pumps are vulnerable to determined hackers who could also remotely

mess up the readings of blood-sugar monitors, a security researcher who has

diabetes revealed at the Black Hat computer security conference, Las Vegas,

Nevada.*...

In other words, a hacker could cause a diabetic patient to receive either

too much or too little insulin.

Jerome Radcliffe says he experimented on his own equipment. He suspects that

other brands are probably just as vulnerable.

Radcliffe stated that, " My initial reaction was that this was really cool

from a technical perspective. " " The second reaction was one of maybe sheer

terror, to know that there's no security around the devices which are a very

active part of keeping me alive. "

A growing number of medical devices these days are hooked up to

communication systems so that doctors and other professionals can be

involved in a patient's care from a distance. Examples include pacemakers,

operating room monitors, and ICU equipment. In fact, some of these devices

can be remotely controlled.

So far, there have been no reports of hackers messing with medical devices

used by diabetics. However, Radcliffe's findings should be of concern to

medical device makers and those who buy and use them -- the potential is

there.

Even though attacks have been demonstrated on some devices, such as

defibrillators and pacemakers, medical device companies say that these have

been done by skilled professionals and cannot occur outside laboratory

conditions. Perhaps they should check out the skills of some hackers around

the world, some people have suggested.

For hackers, hacking is a goal to reach. If medical devices come into their

sights, and one person manages to mess with things, others might follow

suit, even offering new programs for more sophisticated attacks.

Experts say most devices are vulnerable and do not have advanced processors

which could include sophisticated encryptions.

Radcliffe, who wears an insulin pump, stated that, it can be used with a

remote control to administer insulin. After some effort, he was able to

reprogram it so that it would respond to another remote. He did that with a

USB device. He could see what data the computer with the USB device was

transmitting to the insulin pump and by tweaking the USB device he could

make the pump do more or less whatever he wanted.

The hacker needs to be within about two hundred feet from the patient,

plenty of distance for somebody walking around inside a hospital. Other

devices used by diabetes patients can also be altered remotely.

Scientists at the Massachusetts Institute of Technology and University of

Massachusetts are developing jammers that can be worn: they claim they would

defend medical devices from the hacker's signals. Some have asked whether

this might not also stop doctors from doing their work remotely.

--

Ortiz, MS, RD

*The FRUGAL Dietitian* <http://www.thefrugaldietitian.com>

Check out my blog: mixture of deals and nutrition

Join me on Facebook <http://www.facebook.com/TheFrugalDietitian?ref=ts>

* " If it works and research proven, it wouldn't be called Alternative " *