Security problems will continue to plague new technologies as they come into the mainstream and attract the attention of devious computer hackers; it is a problem that has dogged PCs, mobile devices and radio-frequency identification tags throughout their maturation, says Gadi Evron, a security researcher who specializes in assessing computer vulnerability. Evron raised the issue at last year's Chaos Communication Camp international hacker gathering in Berlin, Germany, via a presentation entitled, "Hacking the Bionic Man: Science fiction or security in 2040?"
"All of the same security mistakes are made again and again," Evron says. "As long as people write [software], there will be bugs and vulnerabilities because secure design is never really followed."
Protecting implanted medical aids is tricky because manufacturers must avoid security measures that could cause the devices' batteries to run down or otherwise impede their lifesaving functions. The researchers propose that makers incorporate "zero-power" defenses into future designs, such as radio-frequency identification tags that create vibrations or audibly alert the patient of possible tampering without sapping battery power.
"The first thing to do is not scare people," Evron says, noting that such mischief is unlikely at this point. But he says it's important to keep on top of the issue, given the potential for trouble. "We should bring computer and security development into the realm of medical devices," he says, "so we aren't faced with security risks 10 or 15 years from now."
See what we're tweeting about
4 Comments
Add CommentMaking public such a potential flaw is irresponsible. Work on solutions ...don't provoke malicious people with a new challenges.
Reply | Report Abuse | Link to thisBalancing security and privacy with safety and efficacy will become increasingly important as implanted medical device technologies evolve.
Reply | Report Abuse | Link to thisRemoted-control is a potential danger some of the cases of which patients with the mentioned devices should be harmed by a malicious security attack.
It would also be extremely easy to set up special encryption so that the devices could only be accessed by authorized devices and authorized users, and had extremely limited range. Adjustable shunts (for example) are only adjustable at extremely close range, and the adjustments made would never be lethal, only problematic if done incorrectly.
Reply | Report Abuse | Link to thisCurrently anyone with a medical implant faces more problems from a microwave oven than any 'malicious hacker'.
It would be extremely easy to hack a special encryption to for a hacker psycho enough to do this. Also making this public... ha ha. This is old news to any hacker. Do u really think they never would of thought of this on their own. Its a scary world out there. Just hope no one would do it, bc its entirely possible (as the research shows)
Reply | Report Abuse | Link to this