Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Securing Medical Devices From Attacks

Securing Media Devices

At the 3rd Usenix Workshop of Health Security and Privacy in Bellevue, Washington, last week, researchers focused their attention on medical devices, and not all of the presentations were about new ways of breaking them.

Securing Media Devices

At the 3rd Usenix Workshop of Health Security and Privacy in Bellevue, Washington, last week, researchers focused their attention on medical devices, and not all of the presentations were about new ways of breaking them.

Among those defending medical devices against future attacks were researchers Cory Cornelius, Jacob Sorber, Ronald Peterson, Joe Skinner, Ryan Halter, and David Kotz, who presented a way in which implantable medical devices (IMD) could be secured to respond only to authorized individuals. Increased authentication is something that has been discussed before, but this group proposed the use of bioimpedance, which authenticates without the need for complicated passwords.

Bioimpedance measures how body tissues oppose a tiny applied alternating current and this method is said to accurately recognize people within a household 90 percent of the time. Previously it was proposed that people wear RFID bracelets or carry a complicated set of passwords to authenticate themselves to the medical device. Bioimpedance is a biometric system that should be much harder for an attacker to spoof.

Their full paper can be found here.

Also at the Usenix conference, another paper suggests that the problem with hacking medical devices is more widespread than just insulin pumps and heart defibrillators. Researchers Nathanael Paul and Tadayoshi Kohno found that many other IMDs face similar risks, especially if the user interfaces are designed with convenience in mind rather than security.

The researchers wrote, “to decrease the complexity of operating an insulin pump infusion system, the control interface display of-ten hides much of the functionality of the device. The more limited display makes the device easier to use, but the patient trusts that certain settings do not change. In order to change the pump’s settings, it is intended that physical possession is needed of the pump remote control or the pump device itself.” The researchers presented to the conference how low-tech hacks could easily change the configuration without the user knowing.

The whole notion of changing the configuration settings of medical devices came to the fore last summer when my colleague Jay Radcliffe drew parallels between the human body and the SCADA industry. At Black Hat 2012 and again at DefCon 19, Radcliffe gave a personal account of his experience of having Type 1 diabetes and how the specific device he used at the time to control his diabetes could be manipulated by “evil doers.” (Radcliffe and the manufacturer have since patched things up.)

The insulin pump replaces the actions of the liver (which secretes sugar) and the pancreas (which secretes insulin). Too much blood sugar can overtax the kidneys and too little blood sugar can shut the body down. Radcliffe equated these bodily processes to industrial SCADA systems which regulate pressure in gas and electric utilities—too much and the system blows, too little and the electrical or water system shuts down.

Advertisement. Scroll to continue reading.

Radcliffe uses a commercial insulin pump, a device costing about $6,000, that is designed to work for years. Through tubes inserted into his skin, the pump secretes a baseline insulin blast every 3 minutes or so and then sends more at mealtimes. Blood meters wirelessly send measurements to the pumps with a physical range of up to 100 feet.

What he found was his monitor had no verification of the remote signal. Worse, the pump broadcasts its unique ID so he was able to send the device a command that put it into SUSPEND mode (a DoS attack). That meant Radcliffe could overwrite the device configurations to inject more insulin. With insulin, you cannot remove it from the body (unless he drinks a sugary food). The same overwrite of commands would also be possible with pacemakers as well.

To mitigate this attack, he said manufacturers should turn on the crypto that’s available in Bluetooth. Radcliffe also suggests using infrared vs. radio frequency and in the meantime suggested use of RF necklaces that block hostile RF commands. During the Black Hat he said he was contacted by two vendors (neither were the vendor he uses) and both vendors used SSL between the meter and the pump. Radcliffe has since migrated to a newer insulin pump, one he says is more secure.

Hopefully, the research presented at Usenix and other conferences will lead to more secure medical devices. And hopefully more manufacturers will get behind the initiatives to secure their medical devices. But I could see other uses as well. For example, how about bioimedpance authentication for our mobile phones?

Related Reading: Hacking The Human Body SCADA System

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Vulnerabilities

A researcher at IOActive discovered that home security systems from SimpliSafe are plagued by a vulnerability that allows tech savvy burglars to remotely disable...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Vulnerabilities

Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.

Vulnerabilities

The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.