Feeds

Boffins find 'scary radio attack'* against pacemakers

*Attack is actually 'very difficult in real world'

High performance access to file storage

It's a little difficult to credit as a discovery the fact that analogue receivers – whether they be on a bluetooth device or a pacemaker – are vulnerable to radio interference.

That, however, is what's going to be presented at an IEEE conference later this week. Here's an excerpt of a story from America's Institution of Engineering and Technology's E&T Magazine:

“The researchers tested cardiac defibrillators and pacemakers in open air to determine which radio waveforms could cause interference.

“Then they exposed the medical devices to those waveforms in a both a saline bath and a patient simulator.”

The video below gives this explanation at about 1:07:

“The researchers found that they could use radio interference to send false heartbeat signals to the devices in controlled lab conditions. Theoretically, a false signal could inhibit needed pacing, or cause unnecessary defibrillation shocks.

“Experiments show that this would be very difficult to do in real world conditions, however.” (Emphasis added).

Watch Video

This would be unexceptional, except that pretty much every outlet to cover the story runs with a long boilerplate generalising the “hacker threat” we all live under before finally admitting that right now, an exploit would be a bit of a challenge.

Since the pacemaker exists inside the body, it inherits a degree of shielding which means, as the researchers note, that the attacker would have to bring a malicious device within a few centimetres of the body.

Which is, of course, why phone makers like Apple have recommended for years that people with pacemakers exercise sensible caution. This Apple document, now six years old, is a handy example.

The researchers suggest "solutions to help the sensors ensure that the signals they're receiving are authentic. Software could 'ping' the cardiac tissue to determine whether the previous pulse came from the heart or from interference. If the source was not the heart, the software could raise a red flag."

This, at least is sensible, even without drawing a picture of an evil hacker on the wall. Since interference is well-known, if a pacemaker or defibrillator can filter out false alarms with a kind of feedback loop, that's a good thing.

The researchers also suggest shielding consumer devices against RFI because some signals can have odd effects – such as turning on microphones or sending false signals through the analogue interfaces. ®

High performance access to file storage

More from The Register

next story
Elon Musk's LEAKY THRUSTER gas stalls Space Station supply run
Helium seeps from Falcon 9 first stage, delays new legs for NASA robonaut
Red-faced LOHAN team 'fesses up in blown SPEARS fuse fiasco
Standing in the corner, big pointy 'D' hats
KILLER SPONGES menacing California coastline
Surfers are safe, crustaceans less so
LOHAN's Punch and Judy show relaunches Thursday
Weather looking good for second pop at test flights
Discovery time for 200m WONDER MATERIALS shaved from 4 MILLENNIA... to 4 years
Alloy, Alloy: Boffins in speed-classification breakthrough
Curiosity finds not-very-Australian-shaped rock on Mars
File under 'messianic pastries' and move on, people
Top Secret US payload launched into space successfully
Clandestine NRO spacecraft sets off on its unknown mission
Get your MOON GEAR: Auction to feature Space Race memorabilia
Keepsakes from early NASA, Soviet programs up for bids
New FEMTO-MOON sighted BIRTHING from Saturn's RING
Icy 'Peggy' looks to be leaving the outer rings
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
HP ArcSight ESM solution helps Finansbank
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.