It's Time for your update Mr. Brown… Hacking the Human

Straight out of science fiction? Sounds like it, but it may be closer to reality than you would think.

Recently a bunch of researchers from the University of Washington and the University of Massachusetts, (plus a Harvard MD and a University of Washington Phd) were able to hack a pacemaker/defibrillator.

Think about this for a moment”¦they were able to make the device stop.

They released the report on their Web site dedicated to medical device security. Very interesting stuff.

Under the hood (so to speak – it was actually on a table) they found that they were able to connect to the device wirelessly, and cause it to shock on command and even to stop altogether. Almost secondary at this point, they were also able to glean sensitive patient information stored on the device.

Exploit scenario’s for this are better left to more deviant-minded individuals, but the net effect is obviously very serious. (When’s the last time your server went post-mortem – literally- from a flaw?)

So here’s the coolest part to the story:

They have examples of how to fix it! How many times have you seen a researcher release details of an exploit and not suggest how to fix it (aye, irresponsible disclosure)? They have taken account of the device designs (wireless transmission) and limitations (battery power) and have suggested ways that device makers could improve the security. Kudos to them! Hopefully this will spark a growing industry to make these devices safer.

One last thought here”¦ would it not be surreal if a computer virus transcended the electronic world and actually infected a human being?