from theregister.co.uk: In a hack fitting of a James Bond movie, a security researcher has devised an attack that hijacks nearby insulin pumps so he can surreptitiously deliver fatal doses to diabetic patients who rely on them.
The attack on wireless insulin pumps, made by medical devices giant Medtronic, was demonstrated Tuesday at the Hacker Halted conference in Miami. It was delivered by McAfee's Barnaby Jack, the same researcher who last year showed how take control of two widely used models of automatic teller machines so he could to cause them to spit out a steady stream of dollar bills.
Jack's latest hack works on most recent Medtronic insulin pumps, because they contain tiny radio transmitters that allow patients and doctors to adjust their functions. It builds on research presented earlier this year that allowed the wireless commandeering of the devices when an attacker was within a few feet of the patient, and knew the serial number of his pump. Software and a special antenna designed by Jack allows him to locate and seize control of any device within 300 feet, even when he doesn't know the serial number.
related update: fda rejects medtronic heart device
No comments:
Post a Comment