A team of academic security researchers from KU Leuwen, Belgium, have discovered that medical implants like electrical brain implants are quite insecure devices because these have defected [sic] wireless interfaces.
Researchers identified that the security factor of these devices is pretty weak; the defects in their wireless interfaces can allow attackers obtain sensitive neurological data, administer shocks and intercept confidential medical data, which gets transmitted between the implant and the connected devices that are responsible for controlling, updating and reading it.
[...] By hacking neurostimulators, an attacker can cause irreversible damage to the patients by preventing them from speaking or moving. The hacking may also prove to be life-threatening, wrote the Belgian researchers in their paper that provide details about the research findings.
Source: Hackread
The research paper in PDF form. [DOI: 10.1145/3176258.3176310]
From the abstract:
Implantable medical devices (IMDs) typically rely on proprietary protocols to wirelessly communicate with external device programmers. In this paper, we fully reverse engineer the proprietary protocol between a device programmer and a widely used commercial neurostimulator from one of the leading IMD manufacturers. For the reverse engineering, we follow a black-box approach and use inexpensive hardware equipment. We document the message format and the protocol state-machine, and show that the transmissions sent over the air are neither encrypted nor authenticated. Furthermore, we conduct several software radio-based attacks that could compromise the safety and privacy of patients, and investigate the feasibility of performing these attacks in real scenarios.
(Score: 4, Insightful) by crafoo on Tuesday April 24 2018, @03:15PM (5 children)
I guess I expected much more care to be taken in wireless signals transmitted to something that directly affects a patient's brain operation. In a world where Hollywood movies are protected by the best encryption available, and publishers are demanding end-to-end encryption of digital signals to play back their entertainment.. brain interface devices are wide open, without even authentication of the signal's origin? What a strange world.
(Score: 1, Interesting) by Anonymous Coward on Tuesday April 24 2018, @03:58PM (2 children)
Literally everything in medicine is proprietary and security by obscurity. There's a reason your hospital runs on out-of-date Windows - and we're talking XP or 7 here, never later than 7 - because their suppliers and software providers can't be bothered to make anything up to date or standards-compliant. The joke is really that they claim to care about information security / protected health information, then shoot themselves in both feet right at boot time.
Of course the devices are no different.
It is worth noting, however, that for implanted stuff running on super low power batteries, adding encryption is nontrivial and may well tank the battery life. Telling patients the new version lasts half or a third as long as last year's version is not going to go over well.
(Score: 2) by HiThere on Tuesday April 24 2018, @05:14PM (1 child)
It's actually worse than that, they don't just run an out of date MSWindows machine, they run one without many of the security patches. Because it would cost a lot to get the updated one certified...and the manufacturer is the one who would need to do the certification, and he'd rather sell you a new machine (that also wouldn't get updates). And some of those things are *EXPENSIVE*.
It a combination of bureaucracy and perverse incentives. But since any patch might break the drivers, there is no obvious way forwards except keeping them all isolated from the internet. Unfortunately, that would be inconvenient.
But with medical devices, I think they're made by people who considered IoT to be insanely secure.
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
(Score: 0) by Anonymous Coward on Wednesday April 25 2018, @04:33AM
And also ineffective. There is always at least one boob with a USB stick around, cf. Stuxnet [wikipedia.org].
(Score: 1, Funny) by Anonymous Coward on Tuesday April 24 2018, @04:04PM
The first thing I thought when I was this was holy shi—
What was I doing? Why is this comment box open? I'm certain there's nothing to worry about. Only a paranoid lunatic would think it could be used for mind contro— just a moment — just a moment — Oh! You also seem unaware of how important protecting our intellectual property is. Even now, Russian hackers could be giving the Chinese our most advanced summer romcom research. Protecting our romcoms is of utmost importance!
(Score: 4, Interesting) by JoeMerchant on Tuesday April 24 2018, @10:49PM
Ha! My first day on the job with a Neurostim company (in the very early 2000s) I was shocked (not literally - that happens at defibrillator companies) to learn that the device comm protocol had an 8 bit and "open" checksum. Not only was the checksum only 8 bits, but it was also a simple calculation which an attacker could/would guess easily by just observing a couple of transactions. So, program the device to 1mA - that's a 4 byte sequence. Program it to 2mA - another 4 byte sequence. Company approved programmer software (and FDA permission to market for human use) limits current to a maximum of ~2.5mA, but... if you just identify what changed between the 1 and 2 programming sequences, you could easily plug your own RS-232 port into the company programming wand and program 4 or 8 milliamps which has the potential to do several very bad things, but mostly is just really painful.
Feeling the need to step forward and voice my concerns, I was eventually (on the first day, before lunch) put face to face with the engineer / legal expert witness who blew the same smoke up my ass about how the mathematical analysis he did found that it would be so many billions of years before a random error caused an adverse programming event. Yeah, I'm not buying what you're selling, but I'm not the customer. So, 18 months later he, I, and the programmer software lead were called into a room to investigate a rash of reports of inadvertent programming error events with associated painful stimulation. Turns out that the programming code for 8mA stim is just like the programming code for a common lower stim value, except that the 8mA code ends in all zeroes (including that 8 bit checksum), so accidentally moving the programming wand away too early lead to programming the device to max (and off-label) power. A) we worked out a longer programming sequence that used confirmation before activation to prevent this from happening and a fix was pushed to the field very quickly. B) the new device that came out a few years later sported an "upgraded" 16 bit (still non-crypto) checksum, so by now all the old devices have been replaced with marginally better ones. C) the programming wand only had an effective range of about 4 inches, so a malicious attacker would have to get pretty close to make anything interesting happen. D) nobody died as a direct result of the programming error events, but you would be shocked (in a different way from the victims) to learn how many times that accident happened in the field with 50,000 users of the device.
🌻🌻 [google.com]
(Score: 3, Informative) by realDonaldTrump on Tuesday April 24 2018, @04:33PM (3 children)
He had a Pacemaker put in. For his heart. But he told the doctors, turn off the remote control. And they turned that off when they put in his Pacemaker. So the assassins couldn't EXPLODE HIS HEART!
(Score: 1, Informative) by Anonymous Coward on Tuesday April 24 2018, @04:38PM (2 children)
You troll a lot, but they actually did disable the wireless features in Cheney's pacer for security reasons. Not exploding (lol) but when you have a device set to deliver electrical impulses to your heart, screwing up the timing, frequency, or amplitude of those can cause death. If you're dependent on it, then just disabling it will do the same.
They also did it without general anesthesia.
(Score: 2) by HiThere on Tuesday April 24 2018, @05:19PM (1 child)
Why would they need any anesthesia to reset pacemaker controls? It's normally done with a magnetic loop...which needs to be within inches of the device, and properly positioned, to work. I trust the story didn't mean they turned THAT off, though I've never been sure what kind of wireless device his pacemaker had, or why it had it. If they're talking about the mag. loop controls...he was just being paranoid. You can't use that without direct contact and a bit of time to work. And turning off those controls would make it more likely that you *would* need an operation under general.
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
(Score: 3, Interesting) by JoeMerchant on Tuesday April 24 2018, @10:57PM
The point is: they disabled wireless by putting in a new pacemaker. It's not like the standard software had a "send me this code and I will never listen to another wireless message again, I promise" code built into it, and it would have been much easier to trust if they just removed the receiver coil anyway.
I believe the no general anesthesia thing if they're just replacing the pulse generator, I'm not so sure I'd buy it for placing the lead on the heart.
Some people remove their own pacemaker (pulse generators) with pocket knives and no anesthesia, or more often just a shot of whiskey or three. It's not common, but with millions of implantees, there's enough crazy in the world that it happens every so often.
🌻🌻 [google.com]
(Score: 2) by Geotti on Tuesday April 24 2018, @09:56PM
"I Find Your Lack of Faith Disturbing."