Monday, June 20, 2011

Small security system keeps hackers away from your implant

MIT and UMass scientists have designed a transmitter that jams wireless signals sent to medical implants by unauthorized users.

Pacemakers, drug pumps, defibrillators… they all have wireless connections that allow doctors to monitor vital signs or revise treatments. But this also leaves them vulnerable to attack.

A hacker could, conceivably, kill someone by instructing the implant to deliver lethal doses of drugs or electricity.

No such attacks have been documented… but with millions of Americans carrying implantable medical devices (IMDs) in them, and about 300,000 people getting new ones every year around the world, it’s really not a system you want compromised.

So, researchers created a system that has a second transmitter to jam unauthorized signals directly eavesdropping in an implant’s operating frequency. And it only allows authorized users to communicate with it (diagrammed above).

A doctor-sanctioned device, which has access to the implant, would send encrypted instructions to the second transmitter, which then decodes and relays them.

They call this jamming transmitter, the “shield.” And it’s small enough to wear as a necklace or watch.

A few years ago, a team led by Kevin Fu of the University of Massachusetts, Amherst demonstrated they could overhear defibrillators’ signals, learning things like patient names and diagnoses.

So they started experimenting with implantable defibrillators obtained secondhand from Boston-area hospitals, and programmable off-the-shelf radio transmitters simulated the shield.
  •  Without the shield, defibrillators obeyed commands from transmitters more than 40 feet away.
  • With the shield, potential harm-doers as close as 8 inches couldn’t control or listen in on the devices.
The shield, and not the implant, would handle the encryption and authentication. “It’s hard to put [encryption] on these devices,” says project researcher Dina Katabi of MIT. “There are many of these devices that are really small, so for power reasons, for form-factor reasons, it might not make sense to put the [encryption] on them.”

Some other smart things about having an external shield:
  • It would work with existing implantable devices.
  • It’ll be easier to upgrade or replace without surgery.
  • For emergency medical providers who need to communicate with an incapacitated patient’s implant, having to retrieve an encryption key could cause fatal delays. Whereas with this new security system, an emergency responder could just remove the shield.
The key is a new technique that allows the shield to simultaneously send and receive signals in the same frequency band. With ordinary wireless technology, the transmitted signal interferes with the received signal, making it unintelligible.

“Think of the jamming signal that we are creating as a secret key,” Katabi explains. “Everyone who doesn’t know the secret key just sees a garbage signal.” Because the shield knows the shape of its own jamming signal, however, it can, in effect, subtract it from the received signal.

The team will present the system [pdf] at the Association for Computing Machinery’s upcoming SIGCOMM conference in Toronto this August.

Via MIT News.

No comments:

Post a Comment