Feeds

Boffins find 'scary radio attack'* against pacemakers

*Attack is actually 'very difficult in real world'

Build a business case: developing custom apps

It's a little difficult to credit as a discovery the fact that analogue receivers – whether they be on a bluetooth device or a pacemaker – are vulnerable to radio interference.

That, however, is what's going to be presented at an IEEE conference later this week. Here's an excerpt of a story from America's Institution of Engineering and Technology's E&T Magazine:

“The researchers tested cardiac defibrillators and pacemakers in open air to determine which radio waveforms could cause interference.

“Then they exposed the medical devices to those waveforms in a both a saline bath and a patient simulator.”

The video below gives this explanation at about 1:07:

“The researchers found that they could use radio interference to send false heartbeat signals to the devices in controlled lab conditions. Theoretically, a false signal could inhibit needed pacing, or cause unnecessary defibrillation shocks.

“Experiments show that this would be very difficult to do in real world conditions, however.” (Emphasis added).

Watch Video

This would be unexceptional, except that pretty much every outlet to cover the story runs with a long boilerplate generalising the “hacker threat” we all live under before finally admitting that right now, an exploit would be a bit of a challenge.

Since the pacemaker exists inside the body, it inherits a degree of shielding which means, as the researchers note, that the attacker would have to bring a malicious device within a few centimetres of the body.

Which is, of course, why phone makers like Apple have recommended for years that people with pacemakers exercise sensible caution. This Apple document, now six years old, is a handy example.

The researchers suggest "solutions to help the sensors ensure that the signals they're receiving are authentic. Software could 'ping' the cardiac tissue to determine whether the previous pulse came from the heart or from interference. If the source was not the heart, the software could raise a red flag."

This, at least is sensible, even without drawing a picture of an evil hacker on the wall. Since interference is well-known, if a pacemaker or defibrillator can filter out false alarms with a kind of feedback loop, that's a good thing.

The researchers also suggest shielding consumer devices against RFI because some signals can have odd effects – such as turning on microphones or sending false signals through the analogue interfaces. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
Gigantic toothless 'DRAGONS' dominated Earth's early skies
Gummy pterosaurs outlived toothy competitors
Boffins ID freakish spine-smothered prehistoric critter: The CLAW gave it away
Bizarre-looking creature actually related to velvet worms
CRR-CRRRK, beep, beep: Mars space truck backs out of slippery sand trap
Curiosity finds new drilling target after course correction
'Leccy racer whacks petrols in Oz race
ELMOFO rakes in two wins in sanctioned race
Astronomers scramble for obs on new comet
Amateur gets fifth confirmed discovery
Boffins build CYBORG-MOTHRA but not for evil: For search & rescue
This tiny bio-bot will chew through your clothes then save your life
Vulture 2 takes a battering in 100km/h test run
Still in one piece, but we're going to need MORE POWER
What does a flashmob of 1,024 robots look like? Just like this
Sorry, Harvard, did you say kilobots or KILLER BOTS?
NASA's rock'n'roll shock: ROLLING STONE FOUND ON MARS
No sign of Ziggy Stardust and his band
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 10 endpoint backup mistakes
Avoid the ten endpoint backup mistakes to ensure that your critical corporate data is protected and end user productivity is improved.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Rethinking backup and recovery in the modern data center
Combining intelligence, operational analytics, and automation to enable efficient, data-driven IT organizations using the HP ABR approach.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.