Feeds

Boffins find 'scary radio attack'* against pacemakers

*Attack is actually 'very difficult in real world'

Build a business case: developing custom apps

It's a little difficult to credit as a discovery the fact that analogue receivers – whether they be on a bluetooth device or a pacemaker – are vulnerable to radio interference.

That, however, is what's going to be presented at an IEEE conference later this week. Here's an excerpt of a story from America's Institution of Engineering and Technology's E&T Magazine:

“The researchers tested cardiac defibrillators and pacemakers in open air to determine which radio waveforms could cause interference.

“Then they exposed the medical devices to those waveforms in a both a saline bath and a patient simulator.”

The video below gives this explanation at about 1:07:

“The researchers found that they could use radio interference to send false heartbeat signals to the devices in controlled lab conditions. Theoretically, a false signal could inhibit needed pacing, or cause unnecessary defibrillation shocks.

“Experiments show that this would be very difficult to do in real world conditions, however.” (Emphasis added).

Watch Video

This would be unexceptional, except that pretty much every outlet to cover the story runs with a long boilerplate generalising the “hacker threat” we all live under before finally admitting that right now, an exploit would be a bit of a challenge.

Since the pacemaker exists inside the body, it inherits a degree of shielding which means, as the researchers note, that the attacker would have to bring a malicious device within a few centimetres of the body.

Which is, of course, why phone makers like Apple have recommended for years that people with pacemakers exercise sensible caution. This Apple document, now six years old, is a handy example.

The researchers suggest "solutions to help the sensors ensure that the signals they're receiving are authentic. Software could 'ping' the cardiac tissue to determine whether the previous pulse came from the heart or from interference. If the source was not the heart, the software could raise a red flag."

This, at least is sensible, even without drawing a picture of an evil hacker on the wall. Since interference is well-known, if a pacemaker or defibrillator can filter out false alarms with a kind of feedback loop, that's a good thing.

The researchers also suggest shielding consumer devices against RFI because some signals can have odd effects – such as turning on microphones or sending false signals through the analogue interfaces. ®

Securing Web Applications Made Simple and Scalable

More from The Register

next story
Asteroid's DINO KILLING SPREE just bad luck – boffins
Sauricide WASN'T inevitable, reckon scientists
BEST BATTERY EVER: All lithium, all the time, plus a dash of carbon nano-stuff
We have found the Holy Grail (of batteries) - boffins
The Sun took a day off last week and made NO sunspots
Someone needs to get that lazy star cooking again before things get cold around here
Boffins discuss AI space program at hush-hush IARPA confab
IBM, MIT, plenty of others invited to fill Uncle Sam's spy toolchest, but where's Google?
Famous 'Dish' radio telescope to be emptied in budget crisis: CSIRO
Radio astronomy suffering to protect Square Kilometre Array
Bad back? Show some spine and stop popping paracetamol
Study finds common pain-killer doesn't reduce pain or shorten recovery
Forty-five years ago: FOOTPRINTS FOUND ON MOON
NASA won't be back any time soon, sadly
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.