Insulin pump attack prompts call for federal probe
Security of medical devices questioned
Customer Success Testimonial: Recovery is Everything
The hack of a commercially available insulin pump that diabetics can control wirelessly has attracted the attention of US lawmakers who oversee the safety of the nation's airwaves.
In a letter drafted earlier this week, US Representatives Anna Eshoo and Edward Markey asked members of the Government Accountability Office to ensure that wireless-enabled medical devices “will not cause harmful interference to other equipment” and are “safe, reliable, and secure.”
The letter comes two weeks after a researcher demonstrated he could remotely tamper with the insulin dosages administered by the machine he relies on to treat his diabetes. The model uses no means of authentication, making it easy for unauthorized parties to connect to it and increase, decrease, or stop the flow of the hormone.
The demonstration at this year's Black Hat security conference in Las Vegas was the latest to show the vulnerability of a remotely controlled medical device. Pacemakers and other implanted heart devices were shown to be susceptible to serious hack attacks in research released in 2008.
Jerome "Jay" Radcliffe, the researcher at this year's Black Hat who demonstrated the attack, has refused to identify the manufacturer of the vulnerable insulin pump. A representative of Medtronic, one of several companies that make such devices, has been quoted as saying: “To our knowledge, there has never been a single reported incident outside of controlled laboratory experiments in more than 30 years of device telemetry use, which includes millions of devices worldwide.” ®
COMMENTS
fix the damn thing....
“To our knowledge, there has never been a single reported incident outside of controlled laboratory experiments in more than 30 years of device telemetry use, which includes millions of devices worldwide.”
The fact that you can in a lab means that its possible to do it outside a lab.... the fact that its possible to do it at all means it needs fixing....
Lawyerspeak
“To our knowledge, there has never been a single reported incident outside of controlled laboratory experiments in more than 30 years of device telemetry use, which includes millions of devices worldwide"
Anyone who did die from their devices getting messed with, is in fact dead, has already had the insurance collected on, and we would rather not talk about it, k? CSI couldn't solve it, neither can you.
Lord Have Mercy!
8|
Medtronic - "To our knowledge..."
<- Utter.
Good grief. Don't you just want to smack Mr. Medtronic upside the head?
There are actually tree stumps with more common sense.
IT infrastructure monitoring strategies
What you need to know about cloud backup
Agentless Backup is Not a Myth
Top 10 SIEM implementer’s checklist
Customer Success Testimonial: Recovery is Everything
