Wear a pacemaker? Be nice to hackers 'cos they can kill you.

This is crazy: According to VentureBeat, "medical device security researchers have figured out how to turn off someone’s pacemaker via remote control."

What I found most worrying was this passage:

the devices have a built-in test mechanism which turns out to be a bug that can be exploited by hackers. There is no cryptographic key used to secure the wireless communication between the control device and the pacemaker.

The team can apparently turn off treatment wirelessly, thereby killing the patient.

The disclosure at Defcon wasn’t particularly detailed, though the paper has all of the information on the hack.

I find it unbelievable that a device as mission-critical as a pacemaker uses security through obscurity.

This should explode onto the mainstream news shortly.

Comments