# FDA Issues Guidance for Wireless Medical Device Security



## Northerner (Aug 26, 2013)

The concept of a hacker causing a heart attack by remotely compromising a pacemaker or shutting down an insulin pump on a diabetic is unfortunately not in the realm of science fiction, with very real vulnerabilities having been found in connected medical devices. The US Food and Drug Administration (FDA) is now addressing the issue with a 24-page set of recommendations for regulating medical devices with wireless connectivity.

Implantable or worn devices exist in many environments, like hospitals, homes, clinics, blood banks, laboratories and care homes. Given their pervasive nature, and the fact hat they are increasingly connected by wireless, the FDA is urging manufacturers to first and foremost fully assess the risk of building wireless technology into devices before it?s implemented. The concerns range from patient data theft (information is often contained on the devices themselves) to more horrific worries, like a murderer shutting down vital functions via remote-access control.

http://www.infosecurity-us.com/view...uidance-for-wireless-medical-device-security/


----------



## Redkite (Aug 28, 2013)

Let's hope that never happens.....


----------



## chandler (Aug 29, 2013)

Am I right in saying that you couldn't just "randomly" interact wirelessly with an insulin pump?  I think you would need some way of identifying the equipment, a bit like scanning for names of wifi access points or scanning for available bluetooth devices.

I have the usb carelink dongle to upload data from my pump wirelessly.  When I want to connect to the pump, the laptop software asks for the serial number of the pump so it can make a wireless connection.

If I try to scan for nearby devices just using my laptop, the pump doesn't show up anywhere.  I have a feeling that the only way someone could connect to your pump and get up to mischief would be if they somehow got access to your pump's serial number.  

I think this is available in 3 places;

on the pump's label
in the pump's information screen
on the side of the box your pump came in

It's the same idea as not broadcasting your home wifi network name so people can't steal your bandwidth.  Or setting the bluetooth on your laptop/phone to "not discoverable".

I'm not going to panic about this.


----------



## trophywench (Aug 29, 2013)

Well this was 'exposed' some years ago, wasn't it, by a load of geeks at a hackers conference in USA?  And it was publicised.  Am pretty sure Northie put it on the forum in the News section?  (What I mean by this was, they were all above-board people who work in wireless or internet, whatever - security.)

I mean the Combo meters talk to their pumps by Bluetooth but they don't talk to anything else and even to connect with your pump, they have to be pre-matched to each other so if I were in room full of Combos, I couldn't tell anyone else's pump to bolus or do anything else, and neither could any of the others.

To download, it's an infra-red connection not wireless or USB.  People comment that this it terribly old-fashioned in this day and age - but ya know, sometimes, old-fashioned can be better!


----------



## Northerner (Aug 29, 2013)

Well, with hacking it's a case of knowing the flaws in the operating systems and being able to exploit them. In normal use, they have no doubt been well-tested an found to be safe, but that doesn't necessarily mean that an unusual instruction won't be able to confuse them. I think it's good that the possibility was exposed, however unlikely, because it hopefully means that things can be further tightened up


----------



## Mark T (Aug 29, 2013)

I remember reading about it a while ago.

To be fair, the guy hacked his *own* pump as a proof of concept.  To demonstrate that the authentication was weak.

And a lot of things do have weak authentication, I don't think many people have adjusted to the concept that a fairly cheap computer is fairly powerful (a Nexus 7 is more than 10 times more powerful then an early Cray supercomputer).

Bluetooth is an inherently unsecure link in any case.

But why would anyone try to hack a pump in real life?  Because they can, and for the Lolz!


----------



## HOBIE (Aug 29, 2013)

Its the same as getting info from someone elses phone.  Texts,numbers etc. Or getting on to web using someones modem.   PASSWORDS  I seem to have that many


----------



## everydayupsanddowns (Aug 30, 2013)

I picked up on twitter a few weeks back that the guy who had hacked the insulin pump had sadly died recently. http://rt.com/usa/hacker-pacemaker-barnaby-jack-639/

I think the stunt raised important questions about security and that *yes* you do have to guess the serial number, but it seems that was possible to do. And since that was the only authentication used...

Interesting that the news story above talks about the Homeland episode where a politician's pacemaker was remotely hacked - it seems the pump hacker was about to reveal genuine weaknesses in their security precautions too!


----------

