News

Just like any other device that relies on a wireless connection, medical devices like insulin pumps and implants may be vulnerable to attack. In cases like these, a breach in security is not just an annoyance or financial liability — it may be a matter of life or death. Recently, at the Black Hat Technical Security Conference, a computer security expert demonstrated how he was able to interfere with his own insulin pump and glucose meter and retransmit it with fake data that would instruct the pump to administer too much or too little insulin, VentureBeat reports.

There is no question that security increasingly needs to be a consideration as medical devices move into the digital age. This real question is, what's the best way to tackle this issue? Essentially, the two main approaches to consider are: (1) Designing security features such as password protection and encryption right into the devices themselves; or, (2) devising technologies that work externally to provide security.

Dina Katabi, an associate professor in MIT's Department of Electrical Engineering and Computer Sciences, advocates the latter approach, pointing out that the direct integration of encryption into the devices could be dangerous in some cases. For example, if a patient were incapacitated, the emergency responder would waste valuable time retrieving an encryption key from the patient's medical provider.

In contrast, if the implant were protected by an external shield that could quickly be disabled, the encryption key would not need to be retrieved. Researchers at MIT and the University of Massachusetts-Amherst (UMass) developed one such external system that uses a jamming transmitter to permit only authorized users to communicate with it. The jamming transmitter handles encryption and authentication, meaning it would be able to work with implants already in existence — another potential advantage to handing security externally.

Click here for the full story.