A team of researchers find 8,000 bugs in pacemaker codes.
Mariella Moon, @mariella_moon
I know that this topic has been the subject of previous threads but believe the informasiton here is new/additional.
“Back in January, the FDA has finally acknowledged that some pacemakers and other cardiac devices are vulnerable to hacking. But how vulnerable are they, exactly? A security company called WhiteScope has discovered 8,000 bugs that hackers can exploit in pacemaker programmers — the tools used to adjust and monitor the device itself — from four different manufacturers. More importantly, the researchers said they’ve also discovered that pacemakers don’t authenticate programmers, so any working tool listed on eBay has the potential to harm patients with the implant.
Manufacturers are supposed to control programmers’ distribution, but the researchers themselves got their test devices from the auction website for as little as $500 to as much as $3,000. In addition to those issues, the team has found that doctors’ monitoring systems don’t require log-in names and passwords when pacemakers connect to them. They even found unencrypted patients’ data stored in the tools, including SSNs, names, phone numbers and medical conditions.“
Powered by WPeMatico