Eduard Marin and Dave Singelée, researchers with KU Leuven University, Belgium, began examining the pacemakers under black box testing conditions in which they had no prior knowledge or special access to the devices, and used commercial off-the-shelf equipment to break the proprietary communications protocols.
From the position of blind attackers the pair managed to hack pacemakers from up to five metres away gaining the ability to deliver fatal shocks and turn off life-saving treatment.
The wireless attacks could also breach patient privacy, reading device information disclosing location history, treatments, and current state of health.
[...] "Using this black-box approach we just listened to the wireless communication channel and reverse-engineered the proprietary communication protocol. And once we knew all the zeros and ones in the message and their meaning, we could impersonate genuine readers and perform replay attacks etcetera."
(Score: 2) by Dogeball on Sunday December 04 2016, @03:36PM
Option 1) Tatoo the access code on the patient.
Option 2) Interact using a manufacturer-signed device that is provided to paramedics (I assume non-hackers need a specific device or software to control the settings anyway)
Option 3) Patient carries device or app paired to their pacemaker
Option 4) Hospital has ability to cut the damn device out and defibrilate the normal way.
It is emminently possible to make bad things as difficult as possible while making good things able to be done: this is called safety engineering.