You Can Remotely Hack Someone’s Insulin Pump To Kill Them

medtronic_insulin_pumpA McAfee researcher has shown that it is possible to remotely hijack an insulin pump implanted in someone’s body. We may someday have internal devices that keep our organs functioning into super-old age, but will live in fear of computer viruses that explode hearts by sending pacemakers into hyperdrive, et cetera. The Register writes:

In a hack fitting of a James Bond movie, a security researcher has devised an attack that hijacks nearby insulin pumps, enabling him to surreptitiously deliver fatal doses to diabetic patients who rely on them.

The attack on wireless insulin pumps made by medical devices giant Medtronic was demonstrated Tuesday at the Hacker Halted conference in Miami. It was delivered by McAfee’s Barnaby Jack, the same researcher who last year showed how to take control of two widely used models of automatic teller machines so he could to cause them to spit out a steady stream of dollar bills.

“With this device I created and the software I created, I could actually instruct the pump to perform all manner of commands,” Jack told The Register. “I could make it dispense its entire reservoir of insulin, which is about 300 units. I just scan for any devices in the vicinity and they will respond with the serial number of the device.”

The hack he has devised would allow an attacker to manipulate the diabetic’s insulin injections and could possibly be used to kill the pump user. Radcliffe said that at first he thought it was cool for a tech standpoint and then since he uses an insulin pump he had an instance of “sheer terror” that there is no security on the devices.

An attacker according to Radcliffe could intercept wireless signals and broadcast a stronger signal to change the readout causing the person to adjust their dose. He also said that a person could do this from quite far away such as a few hundred feet away the attacker could do this from the same floor of a hospital or from the same airplane.

, , ,

  • http://leo00o83.blogspot.com/ leo00o83

    Not only are pumps extremely expensive ranging between 2k$ and 9k$ but their software is very primitive. you’d think that if you spent that kind of money on the latest and greatest technology you’d get some kind of level of comfort from the few companies that are in that business but no, it’s about profit, not comfort. They know they have no competition so they lie about every non-existent possible comfort-enhancing feature that demands an extra paycheck for one of their slave waged programmer teams. Diabetes is essentially slavery to Hannibal Lecter idolizing pharmaceutical scumbags.

  • http://leo00o83.blogspot.com/ leo00o83

    Not only are pumps extremely expensive ranging between 2k$ and 9k$ but their software is very primitive. you’d think that if you spent that kind of money on the latest and greatest technology you’d get some kind of level of comfort from the few companies that are in that business but no, it’s about profit, not comfort. They know they have no competition so they lie about every non-existent possible comfort-enhancing feature that demands an extra paycheck for one of their slave waged programmer teams. Diabetes is essentially slavery to Hannibal Lecter idolizing pharmaceutical scumbags.

  • 6Blackie6

    Finally!

  • 6Blackie6

    Finally!

  • Jack R

    Barnaby Jack is now our present-day “Jack The Ripper” and diabetics are the new prostitutes. Amazing how far we have come.

  • Jack R

    Barnaby Jack is now our present-day “Jack The Ripper” and diabetics are the new prostitutes. Amazing how far we have come.

  • Jack R

    Barnaby Jack is now our present-day “Jack The Ripper” and diabetics are the new prostitutes. Amazing how far we have come.

  • Anonymous

    Great, now let’s hope someone will hack Cheney’s pacemaker.

  • Borgar

    Great, now let’s hope someone will hack Cheney’s pacemaker.

  • Jbar

    I think I’d turn wireless off and download my updates manually…

  • Jbar

    I think I’d turn wireless off and download my updates manually…

    • Calypso_1

      its not wireless for updates its wireless to communicate with glucose monitor and insulin pump to calculate correct dosage.

  • Anonymous

    its not wireless for updates its wireless to communicate with glucose monitor and insulin pump to calculate correct dosage.

  • Ray Alexis

    This is just so wildly unethical. Why is this sort of thing even published by a security company? This reminds me of the pacemaker hack that potentially endangers every single person with a pacemaker. If someone published a hack on how to exploit a car’s electrical system to malfunction inducing fatal accidents, would it be ethical to publish? Hardly.

  • Ray Alexis

    This is just so wildly unethical. Why is this sort of thing even published by a security company? This reminds me of the pacemaker hack that potentially endangers every single person with a pacemaker. If someone published a hack on how to exploit a car’s electrical system to malfunction inducing fatal accidents, would it be ethical to publish? Hardly.

  • Hellfire7885

    Then don’t put WiFi connections in the damn things.

  • Hellfire7885

    Then don’t put WiFi connections in the damn things.

  • Albanthespeared

    Complete crap

  • Albanthespeared

    Complete crap

21