9. August 2011 10:20
Insulin pumps and blood sugar monitors could be hacked into, putting diabetes patients at risk, a security researcher has found.
Speaking at the Black Hat computer security conference in Las Vegas, USA, Jerome Radcliffe said that insulin control devices that are part of an electronic hospital or remote monitoring system can be remotely accessed and their settings changed – with potentially lethal consequences.
This could happen in the context of a personal attack or as a step in a wider hacking operation aimed at secure communication systems.
Scientists are developing ‘jammers’ to block hacking – but these may also block remote monitoring by clinicians, derailing the evolution of e-health.
Radcliffe, himself a diabetes patient, said that he had experimented on his own equipment and found the ‘secure’ data vulnerable to hacking. He commented that his reaction was one of “sheer terror”.
Other systems that could be vulnerable to attack include pacemakers, operating room monitors and ICU equipment. Hackers could not only stop these devices but actively take control of them.
Radcliffe said he had hacked into the remote control of his own insulin pump, using a USB device available from medical suppliers. He was able to access the operational data and change the settings.
Attacks of this kind could be carried out from any location within 200 feet of a patient. They may increase the security risk to public figures who use electronic medical devices.