Defcon 16: Pacemaker-B-Gone

A collaboration of various medical researchers in the academic field has led to proof that pacemakers can be remotely hacked with simple and accessible equipment. [Kevin Fu], an associate professor at the University of Massachusetts at Amherst, led the team. [Kevin] first tried to get documentation from the manufacturers, believing they would support the effort, but they were not interested in helping. They were forced to get access to an old pacemaker and reverse engineer it. They found that the communication protocol used to remotely program the device was unencrypted. They then used a GNU radio system to find access to some of the machine’s reprogrammable functions, including accessing patient data and even turning it off.

Although this was only done with one particular pacemaker, it proves the concept and should be taken seriously by the medical companies who produce these devices. If you are interested in the technical aspects, check out the paper the team released in May disclosing the methods.

24 thoughts on “Defcon 16: Pacemaker-B-Gone

  1. That is a VERY old pacemaker; pacemaker technology changes drastically every 6 months, so everything they learned with that one is moot. Those pacemakers used a wired magnetic transducer placed directly over the pacemaker for communication; the latest ones are wireless technology. Anyway, who would want to hack a pacemaker? The only worthwhile thing I can think to do with an old pacemaker is to use the titanium housing.

  2. Technically this is an ICD (Implantable Cardioverter Defibrillator), not a true pacemaker, but it performs the same function with the addition it can defibrillate the patient if his/her heart starts fibrillating.

    It’s a scary concept. I can already imagine some whacko getting a couple-kilowatt transmitter and a big antenna; then killing a few million people across the country by broadcasting the kill signal.

  3. What the hell is wrong with you all? Its one thing to fuck with software and build cool things out of computer parts, but purposely trying to endanger someone’s life by ‘hacking’ a pacemaker, thats just fucking sick… This information should not be publicly displayed, and you should be held responsible if someone dies because of this!!!

  4. What the h### is wrong with you all? Its one thing to f### with software and build cool things out of computer parts, but purposely trying to endanger someone’s life by ‘hacking’ a pacemaker, thats just f###### sick… This information should not be publicly displayed, and you should be held responsible if someone dies because of this!!!

  5. @MotoRider420 – don’t you understand that the people who made this hack were trying to stop these kinds of attacks from happening?? by alerting the populace to the lack of security in pacemakers, they are forcing a reaction from the manufacturers and could save many lives in the process. Go read up on the history of encryption, the only way to properly make something secure is to make the method of security available to everyone.

  6. @3: So you’re saying it’s better to just ignore critical security problems like this until somebody *does* actually kill someone this way? These researchers are not trying to commit murder; they are trying to demonstrate that the security of these devices is important and needs to be improved.

    @2: You’re missing the point as well. For one thing, people who have a pacemaker implanted aren’t simply going to get a new one every single time the technology improves. Just because the particular pacemaker these researchers happened to show can be compromised is years old, that doesn’t mean that there aren’t a lot of people walking around with the same model inside of them. Furthermore, these researchers did not spend time reverse-engineering pacemakers because they actually want to read people’s medical information or kill them; they’re showing that this is a problem and that the security needs to be improved.

    Investigating ways that something can be compromised doesn’t necessarily mean that you want it to be compromised.

    You may find this insightful: http://www.schneier.com/blog/archives/2008/03/the_security_mi.html

  7. @motorider420

    Its not meant for black hattery, it’s meant to push the Medical companies to create safer products. What if the company producing these items suddenly wanted royalties from your usage and threatened to turn on the kill switch? What are your options there?

  8. Wow, this is some unsettling stuff. The high power transmitter scenario sounds a bit far fetched, since a bomb in a crowded area would be way simpler, and would kill a lot more people. But I can imaging people being assassinated with directional antenna’s this way, worst part is, assassins could reprogram the pacemaker afterward to make the death appear to be the result of a normal heart attack. Hell, for all we know, this is already being done. **adjusts tinfoil hat**

  9. this is definitly something that shouldn’t be taken lightly, but seriously and thoughtfully. it something that needs to be made known so that people are aware of the dangers and possible risks involved. kudos to the researchers who found this flaw and woe to the companies not immediatly fixing the issue.

  10. @MotoRider420,

    These researchers could have probably sold this information to some black ops group or used it in a harmful way themselves. Now if someone actually uses this attack, God forbid the medical companies don’t make the changes to protect against it, we will have a much greater chance of identifying it as a homicide and not just another heart attack or failed ICD.

    Also, you shouldn’t smoke marijuana and ride motorcycles.

  11. You don’t need anything high tech to mess with pacemakers. At my Grandmother’s church they got a new keyboard and somebody said it was bothering their pacemaker.

    Also it amazes me how many people on here are supporting security through obscurity.

  12. I guess most people don’t realize that a lot of security hacking is done not to benefit the hacker directly, but to further the common good. Not all hackers are black hats. Plus you make a good bit of money selling this to companies if they don’t want to have a chance at getting sued later on in the line when a malicious hacker figures out how to broadcast the kill signal.

  13. @ #3/4 – You are the reason that they put an injunction on the MIT guys for publishing MTBA weaknesses. Do you think that freedom of speech ends when it’s inconvenient for someone else? Maybe you should be a Bush administration advisor. I’m sure you can equivocate for ages on how the first amendment only applies to your approved ideals.

  14. @motorider – please at least read before you make a ignorant post such as that. This is great informative news, exactly along the lines of security faults in Epassports and FastTrack passes. Security is the issue. Exposing flaws generates fixes. Have you ever heard of a bump key? Well thanks to efforts like this, a BUMP KEY is now considered a burglary tool (at least in California). Great Job Hackaday!

  15. I was a software engineer for two different implantable devices. Yes, like anything else they are hackable. The older models (and newer ones) are very unlikely to have encryption or a ton of security, mainly because that adds complication and requires additional power. These devices are made to be as simple as possible because they have to be reliable and extremely small, on top of that they have to run on a battery for YEARS.

    Yes, it is security through obscurity but obscurity doesn’t cost power, take additional space or add complexity.

    But the main reason you shouldn’t be concerned about it, to communicate with the device, or to activate the wireless, you typically have to be within a few inches of the device. The wireless communications are very power hungry so typically they are only turned on by circuits that are passively powered or via magnets.

    So yes, if some strange guy is holding a weird device over your chest maybe you have something to be concerned about.

    Overall this story is mainly FUD. Modern pacemakers are extremely well engineered and the amount of testing that goes into them is impressive. It is one of the industries where a minor bug could easily turn into multimillion dollar lawsuits.

  16. @jhaluska

    you may be right about the range limitation, but I’d be surprised if it wasn’t possible to build a very powerful focused transmitter that could open the distance to say 25 yards (remember those shopping cart wheel locker hacks a while back). It wouldn’t even have to be tiny, anything that could fit within one of those modern suitcases would probably be small enough.

  17. @jhaluska,

    You make very good points. You are right in saying that this hack is not immediately dangerous or anything to be worried about. I couldn’t see someone really getting away with this on a high profile person in it’s current state. But I think the story and the hack in general is more of a proof-of-concept to get people thinking about relying on electronic devices for their health. Who knows what kind of advancements in the medical technology may yield. It may soon be common to have multiple devices in your body monitoring your health and all of them with similar wireless access. It is then that these things should really be taken into consideration but we should at least begin to think about it now.

    @richard,

    Some government web crawler just put you on a terrorist watch list. You should spell it chaynee from now on.

  18. The thing is, anyone with a giant magnet could disrupt ANY pacemaker, defibrillator.

    However, these things are easily programmed via a special magnet, and a computer.

    This is typically proprietary technology, and hospitals employ contractors FROM the pacemaker companies to run the equipment with a cardiologist who’s an expert with electrical therapies of the heart.

    I dunno what sort of thing hackers can do remotely. I mean, you do checkups by phone, and if a hacker knew you were on the phone doing a checkup, they could MAYBE affect your pacemaker. But PERFECT TIMING is of the essence, and this is FAR from a mass-pacemaker disruption.

    If you take a giant magnet that is going to read and write to the pacemaker of many people, it’s going to disrupt them all in the first place.

    There’s not much to fear, this is good progress, though, and I don’t think pacemakers are going to be the target of any sick fucks.

  19. I have a pacer, and i am VERY GLAD that these intelligent people are thinking a step ahead in order to save lives by thinking as the “bad guy” and then solving the problem to stop “him”.
    Wheather or not this is actual, it is still very commending and thought-stimulating for those who in the future would devise medical equipment, in order to stop any would-be devious attacks on a patient’s life.
    Thank you !

Leave a Reply to SamCancel reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.