In his San Francisco apartment, Barnaby Jack waves a small antenna to demonstrate how a deadly hacker attack against a diabetic would begin.
The 34-year-old is best known for hacking into cash machines and making them spit out money on stage at a Black Hat computer security conference in 2010. Today, he is hunting security holes in wireless medical devices, and his latest stunt involves insulin pumps, the pager-sized devices that diabetics wear to dispense the lifesaving hormone into the body.
Jack aims the antenna at a see-through mannequin he has outfitted with a plastic baggie of clear liquid taped to its insides — that’s the pancreas. After a push of a button on his laptop, the antenna locates the insulin pump holstered to the mannequin’s hip, and a program Jack has written steals the pump’s security credentials. His software then instructs the pump to dump its contents, slowly injecting insulin into the fake pancreas through a small tube, filling the baggie with blood-colored liquid he’s concocted.
Insulin pumps, pacemakers and other medical devices can now communicate wirelessly, which makes them vulnerable to hacking. No known attacks have occurred in the real world, but several researchers have explored the possibilities. A key problem is that the devices can’t currently be updated without being recalled, unlike PCs or mobile phones, which are constantly getting security fixes.
Jack’s findings, slated to be presented today at the RSA security conference in San Francisco, represent a dangerous type of computer attack that can inflict real-world pain.
“These are computers that are just as exploitable as your PC or Mac, but they’re not looked at as often,” Jack said. “When you actually look at these devices, the security vulnerabilities are quite shocking.”
This isn’t the first time the issue has come up. A study in 2008 from a consortium of academics found that a popular pacemaker-defibrillator could be remotely reprogrammed to deliver deadly shocks.
Medical-device security became a flash point last summer when Jay Radcliffe, an Idaho-based hacker and Type 1 diabetic, showed how hackers could manipulate the bestselling pump he used.
Radcliffe got hate mail by the hundreds, but he also got the attention of lawmakers, who successfully pressured the Government Accountability Office to investigate whether the medical device industry’s cyber security rules are tough enough. The GAO report is due in July.
Jack’s attack takes what Radcliffe did a step further.
He has discovered a way to scan a public space from up to 300 feet away, find vulnerable pumps made by Minneapolis-based Medtronic Inc., and force them to dispense fatal insulin doses. Jack doesn’t need to be close to the victim or do any kind of extra surveillance to acquire the serial number, as Radcliffe did.
The program Jack has written is something that bad guys with enough skill could replicate and sell online, a common practice in cyber crime. The antenna and other gear are easy to acquire online, he said.
Jack, a researcher with McAfee Inc., has never actually done the attack against anyone. All the work has been tested in his home lab, with the intent of pressuring device makers to improve the security of their products.
Medtronic, one of the world’s biggest medical device makers, said in light of the research it has hired security teams from Argonne National Laboratory, Symantec Corp. and Wurldtech Security Technologies Inc. to inspect its products and is coordinating with the Department of Homeland Security to implement changes, which may take years.
“Medtronic takes patient safety and device security very seriously,” the company said in a statement.
The U.S. Food and Drug Administration said that electronic eavesdropping is a concern for any medical device with wireless communication components, and that device makers are responsible for making sure their equipment can be updated after it’s sold. For many devices, that’s not possible without a recall.
Nathanael Paul, a computer security researcher specializing in medical devices and a Type 1 diabetic, says that Radcliffe and Jack’s work brings important public attention to issues that have been known privately for several years.
Paul, a research scientist with Oak Ridge National Laboratory, said he discovered many of the same things that Jack and Radcliffe did but pursued a different path. His group made its discoveries in 2010 and presented them quietly to the FDA and industry officials.
“I wanted to effect change and I wasn’t exactly sure the best way to go about it,” he said. Paul added that while many interactions with government and industry insiders were positive, it can take years for changes in medical devices to hit the market because of long product cycles and regulatory roadblocks. He said there are other weak spots in the devices beyond the wireless components that could emerge in future research.
Jack revealed some details of his attack at a small hacker conference in Florida last year and says he has considerably strengthened the attack since then. For instance, his program can now disable security alerts on the pumps. He isn’t releasing details of the vulnerabilities; he’s just showing what’s possible.
A troubling element of such research is that it could inspire others to pursue these real-world attacks. Jack and Radcliffe both acknowledge the possibility, but say the technical skill required means that mass attacks are unlikely.
Still, each vulnerability that’s discovered raises the possibility that someone bent on destruction will attempt to exploit it in the real world. Jack says he is working now to see if there’s a way to forcibly update the devices, which is a double-edged proposition, since even that capability could be hijacked by criminals. He says the problems stem from a lack of foresight by device makers. Security, he says, wasn’t a priority when the devices were designed.
“It wasn’t even an afterthought,” he said. “It wasn’t even a thought at the time.”