“Fatal” security bugs discovered in defibrillators and medical implants

1124645 autosave v1 pacemaker heart
Sunzi99/Wikimedia Commons
A team of researchers found several potentially “fatal” security flaws in 10 different medical implants.

Researchers at the University of Birmingham in the U.K. and the University of Leuven in Belgium discovered vulnerabilities in the software and signals that communicate with implant devices. The software is used to update the devices or gather data readings on a patient.

By tinkering with the bugs, the researchers were able to change the settings on the devices and in some cases shut them down entirely as well as steal sensitive medical data about the patient.

The device manufacturer name has not been disclosed but researchers said the bugs have since been patched by the maker before the research paper was made public. The researchers only studied one manufacturer but added that its products are widely used by healthcare professionals.

The remote software for medical devices like pacemakers helps doctors manage a patient’s condition and make sure they are working properly. However, the researchers were able to reverse-engineer the software and the signal it sends to eavesdrop on the communications and alter its commands.

According to the paper, the reverse engineering was carried out using “inexpensive Commercial Off-The-Shelf (COTS) equipment”.

“We demonstrate that reverse-engineering is feasible by a weak adversary who has limited resources and capabilities without physical access to the devices,” they wrote. However, a hypothetical attacker, in most cases, would need to have their equipment within five meters of the actual devices to pull most of these attacks off, the research noted.

In one example, an attacker would be able to collect sensitive data readings about the patient and change the commands for a device like pacemakers to disable certain functions or deliver an unneeded shock to the person, which could be fatal.

In another attack, the researchers were able to keep an Implantable Cardioverter Defibrillator (ICD) turned on despite “standby mode” being selected. This would drain the battery much quicker than usual, putting the patient at risk.

It was even possible, the authors claimed, to conduct denial of service attacks using a flawed implanted defibrillator.

“It is clear that the consequences of all these attacks can be severe for patients,” wrote the authors.

Previous studies have suggested that it was possible to infiltrate the communications between medical equipment and their software. In October, hackers showed how it was possible to break into insulin pumps and alter the dosage. The findings led manufacturer Johnson & Johnson to issue a warning to patients.

Photography

Adobe concocts an A.I. that can detect — and reverse — manipulated photos

The company behind the software that's often used to manipulate photographs may help make it easy to spot a fake photo. Researchers at Adobe recently created an artificially intelligent program that can recognize fake photos of faces.
Android

You can pre-order the Galaxy S10 5G from Sprint starting today

Samsung announced a whopping four new Galaxy S10 devices, from the low-cost S10e to the triple-camera S10 and S10 Plus. But it's the Galaxy S10 5G that steals the show, as it's the first 5G-ready smartphone to hit the market.
Computing

Apple just registered seven new MacBooks, but what are they? Let’s speculate

When Apple registers new devices, that usually means they’re only weeks away from being released. The company has just registered seven new devices -- but are they Airs, Pros or something else entirely?
Emerging Tech

This lifesaving wearable could diagnose strokes more accurately

A new breakthrough wearable device uses two light measurement techniques to track the body's blood circulation — and accurately predict deadly strokes in the process. Here's how it works.
Deals

Dell sale drops up to $895 off Alienware and XPS 13 laptops for grads

If you’re sniffing around for a new PC and are hunting for a deal, Dell has a couple of its best offerings – the mighty Alienware 17 gaming laptop and the super-sleek Dell XPS 13 ultrabook – on sale right now at pretty solid…
Computing

The best webcams you can buy are mostly made by Logitech

Webcams are a bundled feature in most laptops, but if yours doesn't have one or you're video conferencing on a desktop, you might need a standalone webcam. These are the best webcams you can buy.
Computing

Forget Facebook: These are the 5 weirdest cryptocurrencies you can buy today

Though cryptocurrency may sound like a big and serious topic, a few of its implementations are actually fun. From Shiba Inus to feline coins and everything in between, we've rounded up the most eccentric digital coins.
Deals

Amazon deal cuts prices on the latest 11-inch Apple iPad Pro tablets

The Apple iPad Pro has been among our favorite tablets since its initial release in 2018. While Amazon and Samsung offer powerful products, no tablet can touch the iPad Pro's power and productivity. Score yours now on Amazon for just $699.
Computing

Time for a desk upgrade! These great stands will elevate and protect your laptop

The best laptop stands keep your laptop cool and elevated to a position where it's most comfortable to work. Stands come in many different designs with a number of added features, so here are our favorites.
Computing

PCI Express 6.0 is coming in 2021, and it’s already overkill

The PCI Special Interests Group began laying out the specifications for its next, next-generation motherboard socket: PCI Express 6.0. It will double bandwidth again and offer some clever efficiency-boosting technologies.
Cars

Volkswagen says no thanks to outsiders as it develops its own operating system

Volkswagen is taking software development into its own hands instead of joining forces with tech companies. It's assembling a team of more than 5,000 engineers to design an operating system that will equip in all of its cars by 2025.
Computing

Dive into the best VR experiences available now on the Oculus Rift

The Oculus Rift brought back virtual reality and put a modern twist on it. Grab your Touch Controllers, put on your VR headset, and jump into the fun with some of the best Oculus Rift games available now.
Gaming

Take a trip to a new virtual world with one of these awesome HTC Vive games

So you’re considering an HTC Vive, but don't know which games to get? Our list of 29 of the best HTC Vive games will help you out, whether you're into rhythm-based gaming, interstellar dogfights, or something else entirely.
Computing

What is Libra? Here’s what you need to know about Facebook’s new cryptocurrency

Facebook released a white paper announcing its new cryptocurrency, Libra, which it intends as a way to enable more people around the world to process online payments. Here's how the new blockchain technology works.