# Hacked Insulin Pumps, anyone know which are the effected one?



## Nyadach (Aug 6, 2011)

Ok, not sure how many have been following the tech press this week during the Black Hat conference (hacker/security convention). Anyhow, long story short someone has managed to hack and take remote control of a wireless insulin pumps due to the manufacturer being feckless at putting security on the thing. As yet haven't seen any of the press reports naming the company involved, and was wondering if anyone else on here has heard of who the company is who make the offending pumps?

Link to story: http://www.slashgear.com/hacker-shows-how-to-hack-insulin-pumps-at-black-hat-conference-05169762/

The guy who did this is a diabetic, and the hack isn't in the wild so if you have a pump with wireless capability *DON'T PANIC*. He did it as a proof of concept to show the company who made his pump how insecure it is...but the question is, what pump maker is this so we can avoid them?!


----------



## HelenM (Aug 6, 2011)

This thread  on Tu Diabetes will give you more detail (the whole thread is about the concept but the bit you're interested in starts from Feb 2011)

http://www.tudiabetes.org/forum/top...:18198&id=583967:Topic:670966&page=5#comments


----------



## Nyadach (Aug 6, 2011)

Thanks for link but sadly it was mostly people attempting to break into the pumps from various manufacturers...still think it's something no one should, or even look or even be able to do if the security data was encrypted properly. Am still curious to know (since this hack at Black Hat) is the first confirmed to actual take control as to what pump he got into....then again, would guess all of them should probably be looking at what/if security they have.


----------



## HelenM (Aug 6, 2011)

It does tell you if you read carefully.  However,  reading the other posts I suspect the vunerability is probably fairly universal . Fortunately it does require someone who has the ability to do it, who knows a potential victim and has some motive. Hopefully those things are unlikely to conicide.


----------



## Nyadach (Aug 7, 2011)

It's the same guy in the later parts of your link where he covers his initial research leading up to Black Hat (final page he mentions he's going to demonstrate his hack there). Still a daft thing to hack though. 

Well, least it crosses another few pumps off my list of choices for my next doc visit  I'm due a switch to a pump and I know my doc seems to be big on Medtronic stuff, so another good reason to cross off all there kit. But didn't like their kit anyhow let alone this issue as well.


----------



## Ergates (Aug 8, 2011)

I'm not sure that the risk of this occuring is a good reason to not choose a particular pump.  It seems incredibly unlikely to me, and anyway, if I'm not mistaken most pumps have a maximum basal dose limit.  I should check my pump, I suppose, but I'm not particularly worried about this risk.  I should imagine you are thousands of times more likely to be struck by lightning.

A much more likely risk to you is a small child getting hold of the bluetooth meter and dialling you up a dose.


----------

