Study: Pacemakers Frighteningly Vulnerable to Hacks

You’d have to be pretty heartless to mess with another human’s pacemaker.

According to a recent study, implantable medical devices from four major manufacturers contain security weaknesses that open the door to particularly malicious hackers.

Medical device security consultancy WhiteScope last week reported a whopping 8,000-plus known vulnerabilities in four different physician programmers from four different manufacturers.

Intended for use by trained medical professionals in the operating room or doctor’s office, programmers allow the practitioner to test pacemaker functionality and set parameters over a wireless connection.

The “controlled” machines are meant to be returned to the manufacturer after use by a hospital. But WhiteScope managed to find about seven on public auction site eBay, selling for $500 to $3,000.

Snagging a handful for research purposes, the company booted directly into the programming software; no login or password needed.

“Pacemaker programmers do not authenticate to pacemaker devices,” WhiteScope founder Billy Rios wrote in a blog entry, lamenting the ease with which an attacker can remotely tamper with the technology.

The company twice confirmed patient data was stored unencrypted on a programmer; in one instance, analysts discovered decoded names, phone numbers, social security details, and medical data belonging to a “well-known hospital on the east coast.”

“Keeping devices fully patched and updated continues to be a challenge,” Rios said. “Despite efforts from the [Food and Drug Administration] to streamline routine cyber security updates, all programmers we examined had outdated software with known vulnerabilities”—more than 8,000, in fact.

For a closer look at WhiteScope’s findings, check out the full paper online.

Concerned for the “overall confidentiality, integrity and availability” of the pacemaker ecosystem, the company suggests vendors perform an “in-depth and holistic evaluation of implemented security controls.”

View the original article:

“By ensuring appropriate security controls are implemented, vendors can help protect against potential system compromises that may have implications to patient care,” WhiteScope said.

In the same category are

‘The Gallery – Ep. 2 : Heart of the Emberstone’ Review – Longer, Stronger and Well Worth the Wait The Gallery – Episode 2: Heart of the Emberstone (2017) comes a year and a half after Call of the Starseed (2016), episode one in the narrative-...
Camille Paglia Says that Women’s and Gender Studies Departments Should be Defunded Theo Wargo/Getty Imagesby Tom Ciccotta18 Oct 20170 18 Oct, 201718 Oct, 2017 Esteemed feminist author and scholar Camille Paglia argued that Women’s...
Felix & Paul’s VR Comedy Series ‘The Confessional’ Launches on Daydream and YouTube Felix & Paul Studios, the Emmy award-winning VR film producers, and the Just For Laughs comedy festival have launched the first episode of a new V...
First Windows VR Headsets Launch Today Alongside Windows 10 Fall Creators Update Microsoft’s Windows 10 ‘Fall Creators Update’ is available for download today, making the operating system compatible with its line ...
Anthony Scaramucci-Linked Twitter Account Posts, Then Deletes Holocaust Poll The Associated Pressby Lucas Nolan17 Oct 20170 17 Oct, 201717 Oct, 2017 The Scaramucci Post, a Twitter account linked to former White House Communi...
Can humans really live past 115? A new scientific debate erupts (Credit: Getty/PeopleImages) Humans have long dreamed of living forever, and as life expectancy has increased throughout the past century, it seemed ...

Dont forget to “Like” us on Facebook

Need something to share, visit our sister site for the

‘News in the last 30 days”

in a clear concise package ….


If you are an artist or interested in art, visit our art website and read about todays artscene and browse some of our artist profiles


Comment on this story