We Need to Make Implantable Medical Devices More Secure

Implantable medical devices are at risk for cyber attacks. How can we better safeguard patients from potentially lethal hacks?

These days, everything is connected to the proverbial ether of wireless networks. Implantable medical devices are no exception. By connecting a defibrillator or insulin pump to wireless, doctors can access critical personal and physiological data about their patients remotely. However, while this may be convenient in terms of monitoring an individual's health care, the same accessibility also leaves these often life-saving devices open to malevolent hacking.

There are no simple answers. Opposing requirements for medical devices tug manufacturers in different directions. In the event of an emergency, implantable medical devices need to be accessible enough that any appropriate medical professional can retrieve the data within. But that same openness leaves the device and, more importantly, the patient susceptible to potentially fatal mischief.

It might seem far-fetched, but the technology to do this sort of thing already exists. Most who have discovered how to hack into these devices have been mum on their methodologies for obvious reasons.

But not Barnaby Jack. Jack claimed to have unearthed a way to influence both defibrillators, which could be manipulated into exuding an 850 volt zap to their hosts, and insulin pumps, which he theoretically could utilize to send someone into hypoglycemic shock. Jack died before he could share the details of his endeavors, but was set to do so at a hacker conference this summer in hopes of raising awareness of these security lapses among manufacturers.

While still only a theoretical threat, as there have been no recorded instances of this occurring as of yet, two arms of the US government recently announced their apprehension relating to the gaping security holes in these devices.

In May 2012, the Department of Homeland Security issued a series of warnings about vulnerabilities in medical devices. Of internal devices like defibrillators and insulin pumps, DHS wrote, “many are vulnerable to cyber attacks by a malicious actor who can take advantage of routine software update abilities to gain access and, thereafter, manipulate the implant.”

Adding to the DHS’ release, the FDA in June recommended that manufacturers and the larger health care industry take the possibility of cyber attacks more seriously and commit to working on safeguards.

However, a solution may be within reach thanks to researchers at Rice University and RSA Security. According to them, by using the patient’s very own heartbeat as a method of authentication, it is possible to drastically reduce the risk of hacking. A crucial component of this plan is that the heartbeat itself needs to be encrypted.

Ari Juels from RSA spoke to MIT Technology Review about the new method. “The fact that you are reading a random hanging symbol means the attacker can’t profile the heartbeat at one time and use the information later to attack the device,” he said.

Beyond encryption, the new technique also provides a further layer of security by requiring that those attempting to access the internal medical device be in proximity to the patient. It works like this: an external device reads the heartbeat of a patient. If that heartbeat matches with the one being communicated via wireless network, access is given.

In this respect, the proposed system sounds similar in principle to that used in deep brain stimulation (DBS). The only way to program a DBS device, which essentially operates as a brain pacemaker, is to have the programming apparatus make skin-to-skin contact with the patient. Unlike devices connected to wireless, there are currently no ways to access DBS remotely.

Balancing the needs of patient and doctor while managing the threat of hacks is difficult, but since the future is colored by increasing connectivity with all its attendant benefits and drawbacks, this is something we need to address. Because while it’s not necessarily the end of the world if your computer gets hacked (although it’s certainly a huge pain), the hacking of an implanted defibrillator could literally mean the end of someone's life.