Implantable Medical Devices: Hacking Humans

Presented at Black Hat USA 2013, Aug. 1, 2013, 2:15 p.m. (60 minutes)

In 2006 approximately 350,000 pacemakers and 173,000 ICD's (Implantable Cardioverter Defibrillators) were implanted in the US alone. 2006 was an important year, as that's when the FDA began approving fully wireless based devices. Today there are well over 3 million pacemakers and over 1.7 million ICD's in use.

This talk will focus on the security of wireless implantable medical devices. I will discuss how these devices operate and communicate and the security shortcomings of the current protocols. Our internal research software will be revealed that utilizes a common bedside transmitter to scan for, and interrogate individual medical implants.

I will also discuss ideas manufacturers can implement to improve the security of these devices.


Presenters:

  • Barnaby Jack - IOActive
    Barnaby Jack is the Director Of Embedded Security Research at IOActive. Jack's role within IOActive involves researching new and emerging threats with a specific focus on embedded technology. Jack has over 10 years of experience in the security research space and previously held research positions at McAfee, Juniper Networks, eEye digital Security, and FoundStone. Over the course of his career, Jack has targeted everything from low-level Windows drivers to the exploitation of Automated Teller Machines. He has been credited with the discovery of numerous vulnerabilities, and has published multiple papers on new exploitation methods and techniques. Jack's work has been featured in many major media outlets including CNN, Forbes, MSNBC, Reuters and Wired. Jack has been an invited speaker at international security conferences in both the government and private sector including Black Hat, CanSecWest, IT-Defense and SysCan. Jack is often called upon for his opinions regarding the future of security research.

Links:

Similar Presentations: