Using the body as its own password could foil medical device hackers.
Last season on Homeland, the murder of Vice President Walden prompted serious concern in the real world for users of pacemakers, including former Vice President Dick Cheney. In the show, Walden’s running mate helped a terrorist hack into the vice president’s pacemaker and accelerate his heart rate, causing him to have a fatal heart attack. This plot may seem like just another case of Hollywood imagination run amok, but the threat of hacking implanted medical devices is very real. Researchers are developing new security mechanisms for these vital technologies.
“This is really a life threatening issue,” says Farinaz Koushanfar, an associate professor of electrical and computer engineering at Rice University. “If somebody can hop on the Internet and steal data or see your financial transactions, that’s one thing. But if someone controls your bodily activities and even changes your heart rate, that’s another thing.”
A hacker gaining access to your medical device could kill you.
Tens of millions of Americans live with implanted medical devices (IMDs). Some of the more common ones include insulin pumps, pacemakers, and . Doctors have access to these devices so that they can monitor a patient’s diagnostics and adjust the way the device works without requiring surgery. These days, that access is often granted wirelessly and that can make these patients vulnerable to hackers.
As far as we know, no one in the real world has ever died from having their IMD hacked. Still, some tech savvy people have demonstrated that it’s possible.
Two years ago, security expert Jerome Radcliffe made news for hacking his own insulin pump with less than $20 worth of technology. Then, at a security conference last fall, late IOActive researcher Barnaby Jack claimed that he could hack a pacemaker from 50 feet away, causing it to deliver a lethal 830-volt shock. He likened his hack to an “anonymous assassination.” Even former Vice President Dick Cheney recently revealed that he had his pacemaker’s wireless utility disabled as a preemptive security measure.
Well aware of the dangerous lack of cybersecurity for IMDs, Koushanfar and her colleagues have developed a new protocol with the potential to protect against some of this threat. Called Heart-to-Heart, this protocol is designed as a more secure and efficient way to authenticate access to IMDs.
Barnaby Jack claimed that he could hack a pacemaker from 50 feet away.
Medical personnel who want to access an IMD with Heart-to-Heart must be able to place a device on the IMD wearer that records their heartbeat. Then, the patient’s implant and the provider’s device perform a security handshake via wireless channel, comparing heartbeat recordings. If the two recordings are similar enough, access will be granted. Basically, the heartbeat is like a password.
For the researchers, using the heartbeat in this way was an obvious choice. “The signal from your heartbeat is different every second, so the password is different each time,” said Masoud Rostami, a graduate student who worked on Heart-to-Heart, in a press release. Rostami says that our hearts can basically be used as random number generators.
Heart-to-Heart is not the only technology made to address hacking in IMDs, others include a wireless frequency jammer and an ultrasound device that determines the proximity of the person looking for access. However, the Rice University researchers say their design has some added benefits over these others.
Many of the devices proposed to make IMDs more secure are too much of an energy drain on the IMDs (which are designed to last years in the human body), require expensive additions to already expensive technology, or don’t increase security enough. Koushanfar says Heart-to-Heart overcomes these issues with relatively low-energy costs and simple technological additions, plus it is designed to retroactively fit many IMDs that people already have in place.
Some entrepreneurs have great ideas about jamming IMD hackers, but actual solutions are still years away.
Even if Heart-to-Heart becomes an authentication technology of choice for IMDs, it would only be one part of the security system. There are certain situations where doctors need to access their patients’ IMDs remotely, particularly in emergencies, and Heart-to-Heart doesn’t work unless the doctor can physically touch the patient. So, to maintain remote accessibility, IMD users would need an additional kind of security technology.
At this point, the Heart-to-Heart researchers have finalized their protocol, made a crude version of their device, and are reaching out to pacemaker companies to gauge their interest. The device is years away from becoming a reality — as are many of the technologies in this area.
Meanwhile, concerns over cyber-security for IMDs are intensifying. The FDA has already urged medical device companies to enhance their security and, as our country’s population ages, more and more of us will rely on IMDs to (hopefully) keep us healthy.