A group from the Medical Device Security Center was able to use a specially-crafted radio transmitter to link to and launch attacks against pacemaker and defibrillator devices used to regulate heart activity.
The group was able to connect to devices, obtain patient information and cause them to shut down.
"Our investigation shows that an implantable cardioverter defibrillator is potentially susceptible to malicious attacks that violate the privacy of patient information and medical telemetry," the researchers wrote.
"The devices may experience malicious alteration to the integrity of information or state, including patient data and therapy settings for when and how shocks are administered.
"When these systems include wireless computing devices, additional precautions are necessary to ensure that the computing devices appropriately balance safety with convenience and do not introduce unacceptable risks."
The researchers recommended that device manufacturers implement basic systems that can alert patients and require authentication for a connection without consuming too much power.
Researchers hack into pacemakers
By Shaun Nichols on Mar 16, 2008 8:19PM