Featured Post

Musing on the Interaxon Muse Meditation Headband

"For this calibration, find a comfortable position and take a deep breath". The computer brain interface world is getting int...

Sunday, May 27, 2012

Hacking an insulin pump - no good unless it is your own

www.kslaw.com/library/publication/HH051412_Bulletin.pdf

Here is another reason why separate channels for health data is a good idea - if we can only get the encryption right.  A man was able to hack into an insulin pump and turn it off.  Mind you, the hacker was just doing a demo and was a computer security  expert, as well as a diabetic:

During an August 2011 Black Hat conference, a security researcher demonstrated how an outside actor can shut off or alter the settings of an insulin pump without the user’s knowledge. The demonstration was given to show the audience that the pump’s cyber vulnerabilities could lead to severe consequences. The researcher that provided the demonstration is a diabetic and personally aware of the implications of this activity. The researcher also found that a malicious actor can eavesdrop on a continuous glucose monitor’s (CGM) transmission by using an oscilloscope, but device settings could not be reprogrammed. The researcher acknowledged that he was not able to completely assume remote control or modify the programming of the CGM, but he was able to disrupt and jam the device
Story also found < here >