Reel life to Real lifeForensic medicine and security specialists to develop software to spot if pacemakers have been hacked

DHS  announced in October, 2014 that it is checking anything and everything which contains a programmable chip like pacemakers, defibrillators, bedside intravenous fluid pumps, scanners and hospital networks etc. Members of DHS’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) say that a heart pump by Hospira and cardiac implants by Medtronic and St Jude Medical all have security flaws that could make them vulnerable to external hacking.

Forensic medicine and security specialists to develop software to spot if pacemakers have been hacked

Now forensic medicine and security specialists have joined forces to develop software which can tell a pathologist if a pacemaker has been interfered with causing any fatality.   Sujeet Shenoi, a computer security engineer at the University of Tulsa in Oklahoma, told New Scientist: To create software which monitors unusual activity, the researchers have drawn up a list of medical events that could lead to the death of a person with an implanted defibrillator – a device which helps the heart beat more rhythmically through a series of shocks. They included sending a series of quick shocks to accelerate the heartbeat and cause a fatal arrhythmia or reprogramming the device so that it does not kick in when required. A pathologist can then examine the defibrillator after death to see if any of the scenarios which could cause a lethal attack had taken place. If something untoward was spotted, an investigation could begin. “That would be proof against everything but a malicious pathologist,” said Noureddine Boudriga, a cryptographer at the University of Carthage in Tunisia. In a post-mortem examination, the new software could identify whether a pacemaker was remotely ordered to produce changes that led to a heart attack. The program could be altered, said the team, to work with any other medical device. Furthermore, the team suggested that on future devices, protections be implemented to keep the devices’ service and operations data safe from external tampering. Nonetheless, former Vice President Dick Cheney had all forms of wireless access to his own pacemaker deactivated before the device was implanted into his own chest. Resource : New Scientist