Insulin Pumps Vulnerable to Hack from 300 Feet

McAfee Hacker Says Medtronic Insulin Pumps Vulnerable to Attack - Bloomberg

I tend to be an optimist when it comes to what device integration can do for us. Then I see things like this.

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

tpatt100

Sounds like a good way to assassinate diabetic targets in other countries

pizzaboy

tpatt100 wrote: »

Sounds like a good way to assassinate diabetic targets in other countries

That's the same thing I thought and the fact that based on what the article was saying I can just scan for random people makes it a whole lot worse. I would figure that you would give the company time to correct the problem before you blast it all over the internet. Hopefully no one exploits the vulnerability.

Everyone

Go work IT for a Hospital for a year or 2, you'll quickly realize how scarily vulnerable a lot of stuff in that realm is. Insulin isn't the only thing delivered with such a device. Even medications injected by hand (i.e. a nurse is doing it with a syringe) could be vulnerable, as more often then not, they just read the dosage amount off a computer screen, and inject whatever the computer tells them to.

Asif Dasl

This goes to show that security as an area in IT will continue to be a very well paid sector. If we do go down the route of controllable kitchen appliances through IP and home automation then we will hear more and more of these stories and the challenge to prevent these vulnerabilities in the first place.

RobertKaucher

tpatt100 wrote: »

Sounds like a good way to assassinate diabetic targets in other countries

I was thinking a Leonardo da Vinci style worm that could hold the world hostage via a rogue Android app downloaded by millions of people.

onesaint

I'd be very curious to know about the exploit and if it requires the pump to have the wireless remote capabilities active like Radcliffe's hack does. Still, as the article noted a fixes are hard to roll out and I don't think one will be seen for current devices on the market (recall and re-release is the norm, from my understanding). Rather, the next crop will have some integrated security feature, unless of course some head of state is taken out with an insulin pump hack. Then we'll see a huge push for FDA regulation of medical device security.

tpatt100

Well I don't think your average hacker will exploit this because killing somebody is fun. This will be exploited by evil types looking at bigger targets OR industrial espionage, hack some devices the media jumps all over a particular company and the competitor jumps in with a better deal.

You can only make things so secure and hope laws can scare the rest away from exploiting it.

cknapp78

Asif Dasl wrote: »

This goes to show that security as an area in IT will continue to be a very well paid sector. If we do go down the route of controllable kitchen appliances through IP and home automation then we will hear more and more of these stories and the challenge to prevent these vulnerabilities in the first place.

I can see it now...Future headlines...

Hacked toaster burns housewife of GE CEO.

Roomba sucks up cat of Petsmart CEO.

Kitchen sink hose strangles Moen CEO.

Gotta salivate over the hilarity that could ensue...

effekted

I can't remember if it was at Defcon last year or another security conference but there was a talk that showed pacemakers and etc. are vulnerable to attacks.

A recent episode of NCIS actually had someone giving a person with a pacemaker a heart attack, ofcourse they weren't able to cover their tracks from Abby or McGee! lol

Asif Dasl

Well a lot of that home automation stuff is wireless, now I'm sure they are aware of security being paramount these days. But who knows what headlines will be next.