[ISN] Getting Root On The Human Body

From: InfoSec News <alerts_at_private>
Date: Wed, 10 Aug 2011 07:35:28 -0500 (CDT)
http://www.darkreading.com/security/vulnerabilities/231300312/getting-root-on-the-human-body.html

By Ericka Chickowski
Contributing Editor
Dark Reading
Aug 05, 2011

BLACK HAT USA 2011 -- Las Vegas -- A security researcher at Black Hat 
yesterday demonstrated how a hacker could remotely turn off a diabetic 
person's insulin pump without his knowledge. The findings came after 
months of research delving into the security of the portable medical 
devices that monitor diabetics' blood-sugar levels and those that 
deliver the body-chemistry-balancing insulin necessary to keep those 
levels in check throughout the day.

A SCADA security expert by day, Jerome Radcliffe himself is a diabetic 
and had been curious about the security of the devices that keep him 
alive. He looked into both continuous glucose monitors (CGMs) and 
insulin pumps within his research, with the findings from his 
pump-tinkering offering the most dramatic hackability.

According to Radcliffe, it is possible for a hacker to not only 
illicitly turn off the pump remotely, with the device only offering a 
small chirp as a response, but also to remotely manipulate any setting 
on the pump without it notifying the user at all.

"It's basically like having root on the device, and that's like having 
root on the chemistry of the human body," he said.

[...]


___________________________________________________________
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery
Network, Cisco Switches, SAS 70 Type II Datacenter.
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/
Received on Wed Aug 10 2011 - 05:35:28 PDT

This archive was generated by hypermail 2.2.0 : Wed Aug 10 2011 - 05:35:55 PDT