• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

MassDevice

The Medical Device Business Journal — Medical Device News & Articles | MassDevice

  • Latest News
    • Cardiovascular
    • Orthopedics
  • Wall Street Beat
    • Funding Roundup
    • Mergers & Acquisitions
  • Podcasts & Webinars
    • Podcasts
    • Webinars
  • Resources
    • About MassDevice
    • Newsletter Signup
    • Leadership in Medtech
    • Manufacturers & Suppliers Search
    • MedTech 100 Index
    • Videos
    • Whitepapers
  • DeviceTalks Tuesdays
  • Coronavirus: Live updates
Home » Hack this: Researchers develop device to shield pacemakers

Hack this: Researchers develop device to shield pacemakers

June 15, 2011 By Arezu Sarvestani

IMD Shield

Wireless devices have changed the way health information moves, making data more abundant and more accessible. But it’s also made medical devices more vulnerable.

Researchers at MIT and the University of Mass. Amherst are the first to develop a technology that could protect the millions of existing medical device implants without altering or replacing them.

Wireless technologies made their mark on medical devices in a big way, attaching themselves to everything from pacemakers and defibrillators to insulin pumps and nerve stimulators.

This connectivity allows doctors to monitor patients at home and react in real time if the device sends an alert. But it also leaves an open channel for sending and receiving information. An attacker, which the MIT team calls the “adversary,” could exploit that channel to hack into the device and steal sensitive information.

MIT
UMass

In the worst-case scenario, an adversary could send a message to a device instructing it deliver an excessive dose of medication or electricity, injuring or even killing the victim. Millions of people are already implanted with wireless-capable devices in the U.S. alone and 300,000 more are implanted around the world each year, according to a study cited by the researchers.

"I haven’t heard of any malicious activity being reported, so that’s the good news," researcher and associate professor in the UMass Amherst computer science department Kevin Fu told MassDevice, but it may just be a matter of time. "I always equate it to automobile security. I kind of feel that we’re going around in cars where nobody’s locked the doors yet but nothing bad has happened. I think it’s the right time now to start figuring out better mechanisms to improve security," Fu said.

Fu also worked on a study published in 2008 that proved it’s possible to use general-purpose radio software to access and manipulate medical devices. That study found that a properly motivated adversary could determine whether someone had an implanted medical device and the type of implant, then expose the identifying serial number and obtain patient personal information and health history stored on the medical device. Furthermore, the study showed that a targeted signal could change a medical device’s settings, change or disable therapies and deliver electrical shocks on command.

The MIT-UMass team started thinking about how to protect millions of existing medical devices without security checks less than a year ago. Other studies have considered adding a firewall component to new medical implants, but that would require patients to replace their implants to benefit from the new security measures. Installed security measures could also prove problematic in emergency situations if a decryption key isn’t readily available or isn’t functioning properly. The MIT-UMass device, which they call a shield, would be worn outside the body and could be removed by physicians in an emergency.

The shield is envisioned as a small, wearable radio transmitter custom-tuned to send and receive signals to and from an implanted device. The shield detects nearby signals and determines whether they are authorized or suspicious. If the implant is sending a signal to report an abnormality, the shield picks up that signal and transmits it to the health care provider on a secure channel. Similarly, a physician’s signals attempting to gather data from the device or reprogram its regimen would go through the shield.

If the shield detects an unauthorized transmission, it emits a strategically randomized response, effectively reducing the implant’s outgoing signals to indecipherable noise and protecting it from infiltration.

So far the protective jammer prototype has only been tested with two Medtronic Inc. (NYSE:MDT) implantable defibrillators obtained secondhand from Boston-area hospitals, but researchers say there are no technical obstacles preventing the shield from protecting other brands or other types of devices. The work showed that the presence of the shield successfully deflected close-range attacks (from 20 centimeters away) as well as long-range attacks from adversaries with 100 times the shield’s power level. While it was unable to deflect high-powered attacks from close range, it raised an alarm designed to prompt the patient to leave a suspicious situation.

The research is still fresh, and there are a lot of factors yet to consider, but the team is optimistic about the shield’s potential. While it has only been tested on defibrillators, MIT researcher and associate professor of the computer science and artificial intelligence lab Dina Katabi says the shield could have a wider reach.

"We haven’t plugged in details of all these potential implanted medical devices, but at the high level it seems that there is no technical reason that a single device cannot protect all of these devices that are used in wireless connectivity that are worn on the body or inside the body," Katabi told us.

The vulnerability is serious and medical databases and hospital equipment have been targeted before, but the research team emphasizes that no incidents involving medical device hacking have been reported to date. The research is intended to address a potential problem before it becomes a real issue.

"People should not really get scared," Katabi said, adding that the last thing she wants is to evoke panic in the millions of people with implanted cardiac defibrillators.

The team has a preliminary prototype that will be unveiled at this year’s Association for Computing Machinery’s upcoming Sigcomm conference and has just begun talks with interested companies through MIT’s newly launched Medical Device Innovation Center.

More information is available on the team’s project page.

Filed Under: News Well, Research & Development Tagged With: Cybersecurity, Mass. Institute of Technology, MassDevice Q&A, Technologies, University of Massachusetts

In case you missed it

  • CeQur is launching a discreet, convenient ‘wearable insulin pen’
  • Teva appoints former Vertex exec as new head of R&D, CMO
  • Enovis partners with Kelvi on hot and cold therapies
  • West Pharmaceutical Services debuts new needle syringe system
  • Titan Medical names Cary G. Vance as new president, CEO
  • Acutus completes first closing in left-heart access portfolio sale to Medtronic
  • FDA clears Intuitive, Siemens Healthineers imaging integration for robotic bronchoscopy
  • FDA backs COVID-19 boosters with BA.4/5 spike proteins for fall
  • How safe is health information after the overturning of Roe?
  • Smith+Nephew opens new plant in Malaysia
  • BD launches combination COVID-19, flu, RSV diagnostic test
  • Zimmer Biomet creates independent nonprofit organization to reduce health disparities
  • Dexcom focuses on early diabetes diagnosis as COVID links emerge
  • Nasdaq grants Titan Medical 180-day extension to regain compliance
  • Aerin Medical reports positive 4-year results for VivAer treatment
  • Blackrock Neurotech and Pitt work on first at-home BCI system for remote trials
  • How medical device companies are responding to abortion bans

RSS From Medical Design & Outsourcing

  • Supply Chain EVP Greg Smith sees fewer suppliers in Medtronic’s future
    All eyes are on Medtronic’s global operations and supply chain leader as he works to modernize its operations and scrutinize suppliers. EVP of Global Operations and Supply Chain Greg Smith anticipates fewer suppliers in Medtronic’s future, he said in an interview this week. Smith spoke with DeviceTalks Editorial Director Tom Salemi in his first published… […]
  • CeQur is launching a discreet, convenient ‘wearable insulin pen’
    CeQur designed its Simplicity device to make insulin delivery as seamless as possible for people with diabetes. When it comes to managing diabetes, CeQur wants to make insulin therapy as convenient as possible. For those who prefer to manage their own insulin delivery, the Simplicity device might just do exactly that. Simplicity, a wearable, disposable… […]
  • Meddux opens new facility in Colorado
    Engineering, design, development and manufacturing company Meddux announced that it opened a new facility in Boulder, Colorado. The new, 22,000-square-foot facility doubles the overall square footage from its previous location in Colorado. According to a news release, it helps the company to quadruple its product development area and double its manufacturing footprint. Meddux’s new facility… […]
  • Reducing the Overall Cost of Validation
    By PTI Engineered Plastics Reliable medical devices and equipment are essential for researchers and doctors to accurately diagnose and treat a wide range of diseases. That is why there is such stringent oversight from the FDA to ensure these products meet the necessary requirements and specifications. To ensure compliance with regulators, manufacturers follow installation qualification… […]
  • BBS Automation has a deal to buy medtech supplier Kahle Automation
    BBS Automation said it plans to purchase high-speed automation supplier Kahle Automation to expand its medtech and life sciences business. Kahle will operate as Kahle – a BBS Company, according to a news release from Munich, Germany-based BBS and Lombardy, Italy-based Kahle. The deal is subject to regulatory approval. Terms were not disclosed. Kahle’s co-owners —… […]
  • How safe is health information after the overturning of Roe?
    The U.S. Department of Health and Human Services today issued guidance meant to better protect women’s health information as state abortion bans kick in after the U.S. Supreme Court’s overturning of Roe v. Wade. Despite the HHS actions, women may still wonder whether their health information is entirely safe going forward — a potential challenge… […]
  • Dexcom focuses on early diabetes diagnosis as COVID links emerge
    New evidence is showing that COVID-19 may increase a person’s risk of diabetes, but it could be years until we know for sure. In the meantime, Dexcom (Nasdaq:DXCM) is getting ready, VP of Global Clinical Initiatives Tomas Walker said. Walker recently spoke with Medical Design & Outsourcing to discuss the San Diego-based diabetes device developer’s… […]
  • Blackrock Neurotech and Pitt work on first at-home BCI system for remote trials
    Blackrock Neurotech and the University of Pittsburgh’s Rehab Neural Engineering Labs (Pitt RNEL) are working together on the first portable brain-computer interface (BCI) to allow patients to participate in research trials from home. A Blackrock representative said it’s the final step as the company prepares to launch its first commercial product early next year. Salt… […]
  • How medical device companies are responding to abortion bans
    Days after the U.S. Supreme Court’s decision to overturn Roe v. Wade’s protection of abortion rights, medical device companies are among those reassuring workers about healthcare access. Corporate communications to employees and the public at large come as trigger laws in nearly half of the states outlaw abortion immediately. Some medtech companies are not using… […]
  • Philips updates on testing results for recalled ventilators
    Royal Philips (NYSE:PHG) says only a small portion of returned respiratory devices displayed the sound abatement foam degradation that sparked a massive recall. Repeated ozone cleaning may have made the problem worse. Those were some of the major takeaways from an update Philips provided today on a comprehensive test and research program it implemented after its… […]
  • ResMed names Lucile Blaise as new Sleep & Respiratory Care leader
    Lucile Blaise will be the new president of ResMed’s Sleep & Respiratory Care business starting July 1, ResMed (NYSE: RMD) said today. She replaces Jim Hollingshead, who became president and CEO of Insulet (Nasdaq:PODD) on June 1. ResMed President and COO Rob Douglas is serving as interim president of the Sleep & Respiratory Care during… […]

Leave a Reply

You must be logged in to post a comment.

Primary Sidebar

DeviceTalks Weekly

July 1, 2022
Boston Scientific CEO Mike Mahoney on building a corporate culture that drives high growth results
See More >

MEDTECH 100 INDEX

Medtech 100 logo
Market Summary > Current Price
The MedTech 100 is a financial index calculated using the BIG100 companies covered in Medical Design and Outsourcing.
Need Medtech news in a minute?
We Deliver!

MassDevice Enewsletters get you caught up on all the mission critical news you need in med tech. Sign up today.

MDO ad

Footer

MASSDEVICE MEDICAL NETWORK

DeviceTalks
Drug Delivery Business News
Medical Design & Outsourcing
Medical Tubing + Extrusion
Drug Discovery & Development
Pharmaceutical Processing World
MedTech 100 Index
R&D World

Device Talks Webinars, Podcasts, & Discussions

Attend our Monthly Webinars
Listen to our Weekly Podcasts
Join our Device Talks Tuesdays Discussion

MASSDEVICE

Subscribe to MassDevice E-Newsletter
Advertise with us
About
Contact us
Add us on Facebook Follow us on Twitter Connect with us on LinkedIn Follow us on YouTube

Copyright © 2022 · WTWH Media LLC and its licensors. All rights reserved.
The material on this site may not be reproduced, distributed, transmitted, cached or otherwise used, except with the prior written permission of WTWH Media.

Advertise | Privacy Policy | RSS