“Fatal” security bugs discovered in defibrillators and medical implants

1124645 autosave v1 pacemaker heart
Sunzi99/Wikimedia Commons
A team of researchers found several potentially “fatal” security flaws in 10 different medical implants.

Researchers at the University of Birmingham in the U.K. and the University of Leuven in Belgium discovered vulnerabilities in the software and signals that communicate with implant devices. The software is used to update the devices or gather data readings on a patient.

By tinkering with the bugs, the researchers were able to change the settings on the devices and in some cases shut them down entirely as well as steal sensitive medical data about the patient.

The device manufacturer name has not been disclosed but researchers said the bugs have since been patched by the maker before the research paper was made public. The researchers only studied one manufacturer but added that its products are widely used by healthcare professionals.

The remote software for medical devices like pacemakers helps doctors manage a patient’s condition and make sure they are working properly. However, the researchers were able to reverse-engineer the software and the signal it sends to eavesdrop on the communications and alter its commands.

According to the paper, the reverse engineering was carried out using “inexpensive Commercial Off-The-Shelf (COTS) equipment”.

“We demonstrate that reverse-engineering is feasible by a weak adversary who has limited resources and capabilities without physical access to the devices,” they wrote. However, a hypothetical attacker, in most cases, would need to have their equipment within five meters of the actual devices to pull most of these attacks off, the research noted.

In one example, an attacker would be able to collect sensitive data readings about the patient and change the commands for a device like pacemakers to disable certain functions or deliver an unneeded shock to the person, which could be fatal.

In another attack, the researchers were able to keep an Implantable Cardioverter Defibrillator (ICD) turned on despite “standby mode” being selected. This would drain the battery much quicker than usual, putting the patient at risk.

It was even possible, the authors claimed, to conduct denial of service attacks using a flawed implanted defibrillator.

“It is clear that the consequences of all these attacks can be severe for patients,” wrote the authors.

Previous studies have suggested that it was possible to infiltrate the communications between medical equipment and their software. In October, hackers showed how it was possible to break into insulin pumps and alter the dosage. The findings led manufacturer Johnson & Johnson to issue a warning to patients.

Smart Home

Qualcomm goes all-in on Amazon Alexa voice control with a new development kit

Qualcomm is releasing an early valentine for smart home device manufacturers. The new development kit for its Wi-Fi networks integrates the Amazon Alexa Voice Service to enable voice control in more devices.
Mobile

The 2-year-old Nokia 6 is now being updated to Android Pie

Android 9.0 Pie has been released. But is your phone getting Android 9.0 Pie, and if so, when? We've done the hard work and asked every device manufacturer to see when their devices would be getting the update.
Mobile

The best Samsung Galaxy S9 Plus cases to keep your titanic phone safe

The new Samsung Galaxy S9 Plus is a gorgeous device, with one of the best dual-lens cameras we've ever seen. Keep your titanic device safe and scratch-free with the best Samsung Galaxy S9 Plus cases.
Smart Home

Language barrier? Psh. Here's how to make your Google Home an ace translator

You can now use interpreter mode on your Google Home devices. This means, you can use your Google Home device to translate conversations in real-time. Here's how to use interpreter mode.
Deals

Here are the best Chromebook deals available in February 2019

Whether you want a compact laptop to enjoy some entertainment on the go, or you need a no-nonsense machine for school or work, we've smoked out the best cheap Chromebook deals -- from full-sized laptops to 2-in-1 convertibles -- that won't…
Computing

RTX might be expensive, but the 16 series could have the best Nvidia Turing GPUs

Set to debut at a step below the RTX 2060 on the price and performance spectrums, the GTX 1660 Ti and its other 16-series brethren could be Nvidia's killer mid-range cards of 2019 — especially with Tensor Core-powered DLSS.
Product Review

Razer just made our favorite gaming laptop even more powerful than before

The Razer Blade, our favorite gaming laptop, is now more powerful than ever before. That’s thanks to the new Nvidia RTX graphics cards inside. Do they help Razer retain its edge over the competition?
Computing

Ryzen 3000 chips will be powerful, and they might be launched as early as July

AMD's upcoming Ryzen 3000 generation of CPUs could be the most powerful processors we've ever seen, with higher core counts, greater clock speeds, and competitive pricing. Here's what we know so far, based on both leaks and the recent…
Computing

With no plans for merging operating systems, Apple opts to combine apps instead

Apple is working on combining all of the the apps it offers to iPhone, iPad, and Mac users by 2021. App developers will soon be able to build and submit one version of their apps to be used by Apple product users.
Gaming

These are the coolest games you can play on your Google Chrome browser right now

Not only is Google Chrome a fantastic web browser, it's also a versatile gaming platform that you can access from just about anywhere. Here are a few of our favorite titles for the platform.
Computing

Amazon takes $200 off Apple’s latest 13-inch MacBook Air with retina display

Amazon is taking $200 off Apple's latest MacBook Air. This MacBook Air has 13-inch retina display, a built-in FaceTime HD camera, and that classic lightweight wedge shape the Air is loved and known for.
Deals

Samsung drops a solid $100 discount on the Chromebook Pro

If you're in the market for a new laptop, but can't afford to drop $1,000 on one of the best models out there, Chromebooks are an excellent option. Right now, Samsung is offering $100 off the Samsung Chromebook Pro.
Computing

Lost your router? Here's how to find its IP address to help track it down

Changing the login information for your router isn't always easy, that's why so many have that little card on the back. But in order to use it, you need to know where to go. Here's how to find the IP address of your router.
Computing

Between Intel and AMD, these are the best gaming CPUs at every price

What are the best processors for gaming you can buy? You don't need to spend a fortune to get an amazing gaming CPU and now that AMD is competitive again, there are more choices than ever.