Skip to Content

Encrypted Heartbeats Keep Hackers from Medical Implants

A way to secure implanted devices requires anyone trying to reprogram your defibrillator to touch you first.
September 16, 2013

Implanted medical devices like defibrillators and insulin pumps now include wireless connections to let doctors or technicians update software or download data—but such improvements could open the door to life-threatening wireless attacks.

Security researchers have shown that they can surreptitiously reprogram an implanted defibrillator to stay inactive despite a cardiac emergency, deliver a 700-volt jolt when not required, or drain its battery.

A solution from researchers at Rice University and the security company RSA uses a heartbeat reading as a way to confirm that whoever is trying to reprogram or download data from a device is in direct contact with the patient and is not a remote hacker. This fix could work, the researchers say, even in emergency situations where no delay can be tolerated.

Using the new method, a doctor holds a device against the patient’s body, and takes a direct reading of the heartbeat. The device reads the patient’s heartbeat and compares it to one relayed in a wireless signal from the implant, and then confirms that the signals match. The wireless exchange of the heartbeat signal is encrypted, thwarting any attempt to hijack the communications during the exchange.

“This addresses a serious problem that has few existing solutions,” says Shane Clark, a research scientist at BBN Technologies and a former grad student in the lab of Kevin Fu, a leading medical device security researcher who is now at the University of Michigan (see “Innovators Under 35: Kevin Fu”). “Given the unique constraints that implantable medical devices face, it is important to tailor security approaches specifically for them, and that’s what this technology does.”

Clark says the solution avoids making things too cumbersome for a doctor or paramedic to access the device in an emergency. They would not, for example, need to individually authenticate themselves with a password, for example, or confirm a patient’s identity. Such traditional approaches “have the potential to endanger the lives of patients in an emergency situation where authentication fails,” Clark says. 

While various research efforts show that a person’s heartbeat can be used as a biometric identifier, this one only seeks to ensure that two devices are listening to the same thing at the same time. A future emergency responder wouldn’t need to know the identity of a heart-attack victim, for example, before gaining access and downloading information from the victim’s implanted device. “The heart is very conveniently producing this stream of random bits, and we tap into the stream of bits and make sure we are getting the same signal at the same time,” says Ari Juels, chief scientist at RSA Laboratories in Cambridge, Massachusetts, and a co-author of the paper.  (In particular, it simply looks at the pause between beats to find a match.) “Our approach doesn’t rely on a registration of a biometric—all it does is check that the signals are identical.”

But the encryption step is important, he says.  This prevents a theoretical attacker in, say, a hospital or a battlefield setting from hijacking the signal in order to issue malicious instructions. In addition, “the fact that you are reading a random changing symbol means the attacker can’t profile the heartbeat at one time and use the information later to attack the device,” he adds.

Right now, doctors or medical device makers will use wireless communication to update software on the device, and to download information about events (such as about heart-shocks or the timing of insulin doses issued) without requiring surgery.

But it’s a system based on trust, says Masoud Rostami, a PhD candidate at Rice who co-wrote the paper on the heartbeat method. “Unfortunately, manufacturers have not implemented any security mechanisms in [implanted medical devices]. They didn’t or couldn’t even use simple passwords, since they rightfully fear that the password can be lost or stolen.”

Right now, paramedics don’t generally interact with implanted devices. But in the future, it might be valuable for them to have the ability to download data from implanted devices in order to diagnose a condition in an emergency. 

However, implementing any changes would take a long time, due to the need for U.S. Food and Drug Administration approval.  “Given the long product lifecycles, it would probably take years to reach the market even if a manufacturer wanted to start implementing it today,” Clark says.

Keep Reading

Most Popular

Death and Jeff Bezos
Death and Jeff Bezos

Meet Altos Labs, Silicon Valley’s latest wild bet on living forever

Funders of a deep-pocketed new "rejuvenation" startup are said to include Jeff Bezos and Yuri Milner.

Professor Gang Chen of MIT
Professor Gang Chen of MIT

All charges against China Initiative defendant Gang Chen have been dismissed

MIT professor Gang Chen was one of the most prominent scientists charged under the China Initiative, a Justice Department effort meant to counter economic espionage and national security threats.

mouse engineered to grow human hair
mouse engineered to grow human hair

Going bald? Lab-grown hair cells could be on the way

These biotech companies are reprogramming cells to treat baldness, but it’s still early days.

conceptual illustration showing various women's faces being scanned
conceptual illustration showing various women's faces being scanned

A horrifying new AI app swaps women into porn videos with a click

Deepfake researchers have long feared the day this would arrive.

Stay connected

Illustration by Rose WongIllustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.