Implanted medical devices like defibrillators and insulin pumps now include wireless connections to let doctors or technicians update software or download data—but such improvements could open the door to life-threatening wireless attacks. Security researchers have shown that they can surreptitiously reprogram an implanted defibrillator to stay inactive despite a cardiac emergency, deliver a 700-volt jolt when not required, or drain its battery.
A solution from researchers at Rice University, Houston, TX, and the security company RSA uses a heartbeat reading as a way to confirm that whoever is trying to reprogram or download data from a device is in direct contact with the patient and is not a remote hacker. This fix could work, the researchers say, even in emergency situations where no delay can be tolerated.
Using the new method, a doctor holds a device against the patient’s body, and takes a direct reading of the heartbeat. The device reads the patient’s heartbeat and compares it to one relayed in a wireless signal from the implant, and then confirms that the signals match. The wireless exchange of the heartbeat signal is encrypted, thwarting any attempt to hijack the communications during the exchange. The encryption is needed to prevent an attacker in a hospital or a battlefield setting from hijacking the signal in order to issue malicious instructions.
