SoylentNews is people
SoylentNews
Johnson & Johnson has issued a security warning about one of its products:
Johnson & Johnson on Tuesday issued a warning about a possible cybersecurity issue with its Animas OneTouch Ping Insulin Infusion Pump. The problem was first reported by Reuters.
Computer security firm Rapid 7 discovered that it might be possible to take control of the pump via its an unencrypted radio frequency communication system that allows it to send commands and information via a wireless remote control. The company alerted Johnson & Johnson, which issued the warning. Getting too high or too low a dose of insulin could severely sicken or even kill. There have been no instances of the pumps being hacked, Johnson & Johnson said.
This discussion has been archived.
No new comments can be posted.
Johnson & Johnson Issues Security Warning About Insulin Pump
|
Log In/Create an Account
| Top
| 28 comments
| Search Discussion
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Dealing with failure is easy:
Work hard to improve.
Success is also easy to handle:
You've solved the wrong problem.
Work hard to improve.
(Score: 2) by Runaway1956 on Wednesday October 05 2016, @01:41PM
WTF does an important health care device need a WIRELESS connection, to anything? Way back in the earliest of the 1900's the army figured out that wired communications could be made secure, but wireless communications could not. Little has changed since. In this case, they didn't even attempt to make it secure. Unencrypted wireless connection? What could possibly go wrong?
Hail to the Nibbler in Chief.
(Score: 2, Insightful) by Snow on Wednesday October 05 2016, @03:04PM
I think it's pretty obvious why wireless is the preferred option here. Unless you want a micro-USB port sticking out of your body (there is a docking joke in there somewhere...). Leaving it unencrypted is pretty negligent though...
(Score: 0) by Anonymous Coward on Wednesday October 05 2016, @03:12PM
Obligatory XKCD [xkcd.com]
(Score: 2) by mcgrew on Wednesday October 05 2016, @04:56PM
The pump isn't inside the body. I think you need some more coffee. It's a PUMP that injects insulin. If the whole thing were installed inside your body, how would you refill or recharge it? Of course it has some sort of jack or plug to recharge the battery, and I'll bet it's a USB port.
There is ZERO reason to have these things in any way hackable. Putting bluetooth in them was idiotic. If there's no reason to have a device on a network, KEEP IT OFF THE NETWORK.
Carbon, The only element in the known universe to ever gain sentience
(Score: 2) by Snow on Wednesday October 05 2016, @05:12PM
Ahh, good call. I didn't actually click the link or anything, but what you say makes perfect sense.
-- Snow
(Score: 2) by PocketSizeSUn on Wednesday October 05 2016, @06:30PM
There are both kinds of drug pumps. Implanted and external.
Most of the insulin ones are external (The ones I've seen look like a pager attached to a belt) with a fixed drip line (that also has it's own issues).
For the implanted pump the reservoir is usually refilled with a needle. Not sure about external pumps.
(Score: 2) by Runaway1956 on Wednesday October 05 2016, @05:39PM
Let me think about this for just a moment . . . .
They are sticking some foreign object into your body already, right? Just how difficult would it be to put a jack into your body, with which to connect to the device? I mean - there you have the body, insert part A, and part B on a trailing tail. Need it be USB? How about at least micro-USB? I'm not into medicine, really, but where does that first implant go? Somewhere in the trunk of the body, I suppose. Wonder how irritating a micro-USB would be sitting in your navel?
What I think is, not enough crazy people are thinking outside the box here. You certainly don't want everything you rely on to be connected wirelessly to the great IOT. That's just insane.
Hail to the Nibbler in Chief.
(Score: 2) by HiThere on Wednesday October 05 2016, @06:58PM
The traditional answer was a device that requires a magnetic (I think) induction loop to be placed ON the body and held in position while adjusting the device. This is certainly the approach used by my wife's pacemaker. No USB port but also no distance adjustment. Even for an external device this would have it's points, as it would avoid jostling what must be a sensitive connection. (I've had USB ports that required considerable force to use.)
But wireless?!? That's just insane. And unencrypted wireless? They must WANT the devices to be compromised.
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
(Score: 2) by Username on Wednesday October 05 2016, @03:21PM
Because encryption is pointless and only adds to complexity. Look at ATSC, it’s all open anyone can disrupt it, or hijack it, but no one does. It’s not even a felony A to do so.
I wouldn’t want a wireless infusion pump either, but that’s mainly for stability reasons. If I wanted to kill someone via infusion pump, it wouldn’t really matter if it was wireless or not.
(Score: 2) by DannyB on Wednesday October 05 2016, @04:05PM
You could always get a syringe full of insulin and jab them with it.
But then, they could drink a bottle of pancake syrup (not the "lite" kind) and head to the ER.
Insulin and syringes are over the counter in most states.
Of course, I remember when my daughter was much younger, and for some odd reason, we had run out of syringes, and I went to Walgreens about midnight, in jogging sweats, to buy a box of syringes. The day staff recognized us. But not the night staff. That made for funny looks. And "who is the patent?" "What kind of insulin does she inject?" Of course, I knew the answers, and they sold me the syringes. But I could see why people would buy these for injecting drugs.
Is there a chemotherapy treatment for excessively low blood alcohol level?
(Score: 3, Insightful) by butthurt on Wednesday October 05 2016, @03:24PM
> WTF does an important health care device need a WIRELESS connection, to anything?
One use is mentioned in the article: to "order the pump to give [...] a dose of insulin." For an insulin pump, I would suppose that is a key feature.
> Way back in the earliest of the 1900's the army figured out that wired communications could be made secure, but wireless communications could not.
Wires can be cut; wires can be tapped; wires can be seen; wires can be followed; misleading signals or damaging currents can be fed into wires or induced in them.
The German military made limited use of frequency hopping for communication between fixed command points in World War I to prevent eavesdropping by British forces, who did not have the technology to follow the sequence.
-- https://en.wikipedia.org/wiki/Frequency-hopping_spread_spectrum#Multiple_inventors [wikipedia.org]
Spread-spectrum signals are highly resistant to deliberate jamming, unless the adversary has knowledge of the spreading characteristics. Military radios use cryptographic techniques to generate the channel sequence under the control of a secret Transmission Security Key (TRANSEC) that the sender and receiver share in advance.
-- https://en.wikipedia.org/wiki/Frequency-hopping_spread_spectrum#Military_use [wikipedia.org]
The subsequent paragraph on that page gives specific examples of military radio equipment. It's used not only by armies, but by navies as well.
> Little has changed since.
Right, apart from the transistor, the integrated circuit, the microprocessor, the ADC and DAC, digital electronics in general, information theory, block ciphers, error-correcting codes, radio communication is basically the same as it was in the 1930s.
(Score: 3, Informative) by DannyB on Wednesday October 05 2016, @03:59PM
> WTF does an important health care device need a WIRELESS connection
I know the answer because my daughter uses a different brand than the J&J pump from TFA.
1. If you use a sensor. This is a separate device with its own attachment to the body. It samples blood glucose every few minutes. It sends its readings to the pump. Now if the pump were set up to automatically dose insulin when the glucose monitoring sensor detects significantly rising blood glucose, it might be possible to spoof the pump into dosing insulin not needed. This is a potential vulnerability. The sensor and pump, on the brand I'm talking about (Medtronic) have a six digit code you choose on both the pump and sensor.
2. The pump can send it's log data to a USB dongle, which allows you to get that log data into your computer without the fuss of wires. The vendor's web site can upload that log data, if you have jumped through all the right hoops, and make it available to your doctor via a web site that the doctor can visit.
3. A woman may have the insulin pump under a dress, for example. Let's say a restaurant. Before eating, the user would dose themself with more insulin. Rather than have to lift up the dress, or take a visit to the restroom in order to access the pump's user interface, the user can use a wireless key fob to communicate to the pump, and get feedback from a couple beeps the pump will make.
Obviously security needs to be well thought out. Probably better thought out than it currently is.
One problem is that even the slightest changes to the design require a very long FDA approval process for a new model. So insulin pumps tend to be behind cell phones on technology. I remember when her insulin pump first got a color screen, and I thought, "it's about time".
In order to actually be FDA approved the pump AAA battery must be Eveready Energizer. I'm sure any AAA would work in a pinch. But this is what to use. And it's not worth playing any games with substitutions.
Is there a chemotherapy treatment for excessively low blood alcohol level?
(Score: 2) by Runaway1956 on Wednesday October 05 2016, @05:45PM
"slightest changes to the design require a very long FDA approval process"
On the other hand, the pharmaceuticals can get approval for new uses for old drugs and other underhanded tricks, relatively quick. Crazy, ain't it?
Hail to the Nibbler in Chief.
(Score: 2) by PocketSizeSUn on Wednesday October 05 2016, @06:41PM
Actually that's a bit different.
Once a drug is approved (in the market) a doctor can prescribe the drug for "off label uses".
Getting the drug on the market is hard, using it for something else is easy.
Drug pumps have a similar set of restrictions. A pump is approved for a specific drug, or subset of drugs. What drug is ultimately used can differ depending entirely on the Rx from the doc. My understanding is that it is quite a common situation for implanted devices to be delivering a cocktail that is technically "off label" is not particularly surprising to the manufacturer. It's ultimately up to the doc to put the right mix in and set the proper limits to provide the Rx.