Consider the pacemaker. A marvel of modern technology, the pacemaker uses electric pulses to regulate a person’s heartbeat. The latest generation of pacemakers, though, do even more than that. In addition to their direct medical function, the latest pacemakers also have wireless connections enabling them to transmit information for doctors to analyze. And they can receive signals in turn, enabling doctors to non-invasively alter a treatment regimen.
Turning medical devices into communications devices has made them more useful. At the same time, however, it has created a vulnerability: In theory, a malicious agent could remotely hack a pacemaker, causing it to deliver a lethal shock. The same goes for the other classes of implantable medical devices, from defibrillators to brain stimulators to drug pumps. Deranged implant hackers could exploit security holes in those, too, causing injury or death.
It might seem a far-fetched scenario—no such attacks have been documented to date—but with the Federal Communications Commission having recently moved implantable medical devices (IMDs) to a new frequency band, making it possible to communicate with them at greater distances, it’s not a bad time to start thinking about how to foil an implant hacker. Nor is it a niche problem—millions of Americans have such devices, and another 300,000 are implanted globally each year.
Researchers at MIT and University of Massachusetts-Amherst have collaborated to design a new system that would help prevent such hypothetical attacks. They envision a device that someone with a pacemaker (or drug pump, or defibrillator) could wear that would act as a jammer against unauthorized signals in the implant’s operating frequency. This device—a “shield,” the authors call it in a paper they plan to present at the Association for Computing Machinery’s upcoming Sigcomm conference—could simultaneously send and receive signals in the same frequency band, something not possible with ordinary wireless technology. In their paper, they call their dual functioning device a “jammer-cum-receiver.”
Aren’t there enough real cyberthreats out there for it to be silly for researchers to be worrying about imagined ones? Not at all, said Stefan Savage, a UC San Diego cryptographer. He told MIT News, “This is exactly the time when you want to do this kind of research….You don’t want to do it when there’s an active threat.”
And indeed, MIT and UMass aren’t the only ones who have been exploring obscure boundary between health and cybersecurity. There is a wealth of colorful research that explores the give-and-take between security and utility in medical devices. (One researcher, for instance, suggests tattooing security keys on patients with ultraviolet micropigmentation.) The MIT/UMass group says that what sets their research apart from others’ is that they present “the first system that defends existing commercial IMDs against adversaries who eavesdrop on transmissions or send unauthorized commands.”
By no means is there overweening demand for such a jammer/receiver currently. As Savage noted, “Value in the information-security market gets created by one of two people: bad guys, or regulatory bodies.” So unless Congress or the FDA starts taking an active interest in what for now is a hypothetical problem, it sadly may take the first implant hack before this research is taken seriously by the public, and by extension, manufacturers.
A Roomba recorded a woman on the toilet. How did screenshots end up on Facebook?
Robot vacuum companies say your images are safe, but a sprawling global supply chain for data from our devices creates risk.
A startup says it’s begun releasing particles into the atmosphere, in an effort to tweak the climate
Make Sunsets is already attempting to earn revenue for geoengineering, a move likely to provoke widespread criticism.
10 Breakthrough Technologies 2023
These exclusive satellite images show that Saudi Arabia’s sci-fi megacity is well underway
Weirdly, any recent work on The Line doesn’t show up on Google Maps. But we got the images anyway.
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.