Scientists Develop a Way to Keep Your Pacemaker From Getting Hacked

By Veronique Greenwood | June 16, 2011 2:57 pm

Many implants like this pacemaker can receive
and transmit wireless signals

What’s the News: Topping the list of things you don’t want hacked is your heart. And with 300,000 medical devices such as pacemakers and drug pumps implanted each year, many of which can be controlled through wireless signals, that might soon be a real risk for patients to consider. 

To prevent such attacks, researchers from MIT and UMass Amherst are developing a jamming device that can be worn as a necklace or watch and keeps implants from receiving orders from unauthorized senders. The team will present their experiments with defibrillators [pdf], with off-the-shelf radio transmitters playing the role of the shield, at the SIGCOMM conference in Toronto.

How the Heck:

  • Many medical implants send data about how a patient is doing directly to the doctor via radio transmission. And doctors can tweak implants’ performance by sending instructions like “Release more of that drug” or “Beat faster.”
  • The team’s device, called a shield, would intercept such instructions and, if they were encrypted using the key available only to the patient’s doctor, send them along to the implant, while unauthorized messages—which might go something like “Provide a lethal shock to the heart”— wouldn’t be passed on. The implant’s own messages would in turn be encrypted and sent onto the doctor. 
  • The team found that without the shield, their defibrillators obeyed commands from transmitters more than 40 feet away. With the shield, eavesdroppers or adversaries as close as 20 cm couldn’t control the devices or listen in on their messages.
  • One of the shield’s big perks is that it would work with existing implants. And because it only works when it’s near the implant, emergency personnel trying to reset a pacemaker, for example, could just remove the shield in order to send new orders. If the encryption were taking place in the implant itself, emergency overrides would be much more difficult.

What’s the Context:

  • Three years ago, a team of scientists including Kevin Fu, an author of the current paper, demonstrated [pdf] that they could interere with defibrillators and eavesdrop on their signals, learning patient names, diagnosis, and information about vital sounds, using readily available tech. While vulnerabilities in implant security had been discussed for some time, the discovery galvanized researchers to come up with creative solutions.
  • Researchers have looked into making new implants that perform the encryption themselves, but that approach comes with several serious drawbacks, like the difficulty of an emergency override and the need for manufacturers to alter their designs, which are highly optimized in terms of size and shape and may not have room on them for encryption gear.

The Future Holds: Such attacks haven’t happened yet, to our knowledge. But given the risks—disclosure of patient’s names and medical data, and potentially fatal interference—it behooves medical device companies to start looking into solutions like the shield.

Image credit: Wikimedia Commons

CATEGORIZED UNDER: Health & Medicine, Technology
  • fintin

    That’s a really scary fact.

  • Pippa

    3 years ago the same people come up with a potential but not actual problem. They now come up with a device to overcome this theoretical problem. Potentially they could make a lot of money with this invention. It is indeed scary. A good business plan, maybe.

  • nodumby

    well now that its been published on and internet forum some criminal type is bound to try to hack them to commit murder, that is another sad and scary fact.

  • Demian W

    I think that this story illustrates a key weakness to any electrical augmentation that humans may adopt in the future. Today we experience the same phenomenon if we were to be assualted with a tazer. It overloads our electrical signals. Increasing our integration with mechanical devices increases our vulnerability to wireless commands either taking control of our devices or causing us physical harm. This is a very fascinating concept albeit not pressingly relevant in today’s society as hackers are much more interested in someones bank account than they are in our medical implants. Yet I see us on the cusp as prosthetics become more advanced that we could be could be working to prevent someone from hacking someone’s limbs and causing them to act against the the will of the owner. How can we create a more secure dialogue between wireless devices?

  • Aleksandar Kuktin

    Simple: RSA with 4096-bit keys.

    Also, I don’t fully understand how do they expect this thing to work. If it’s a jammer, then it’s either illegal or will make usage of other wireless devices (like mobile phones) impossible. But, if it isn’t a jammer, then it must rely on encryption and message routing to work. Kind of like SSL does on the Internet. And they just said that pacemakers don’t do encryption.

    Anything other is simply not going to work.
    Not that grandma is going to understand all that…

  • Anti-kutkin

    @Kutkin, it’s obvious, it only jams the frequency that the pacemaker is tuned to.

  • James

    Too many moving parts here. Why not require all implant commands and queries to have a PIN prefix that the patient can wear on a necklace or bracelet? Encryption is overkill..

  • email secure server

    Honestly I’ve never considered the possibility of a medical device being hacked. Very scary to think about.


Discover's Newsletter

Sign up to get the latest science news delivered weekly right to your inbox!


80beats is DISCOVER's news aggregator, weaving together the choicest tidbits from the best articles covering the day's most compelling topics.

See More

Collapse bottom bar