This is some scary stuff. Apparently, in a presentation at the BreakPoint security conference in Melbourne, IOActive researcher Barnaby Jack discussed a vulnerability in a brand of pacemaker that could be used to deliver fatal shocks to their wearer’s hearts. It seems this as-yet-unspecified brand of pacemaker contains a secret wireless backdoor that could be accessed by hackers up to 30 feet away, and which would allow them to either kill immediately or (perhaps more alarmingly) reprogram the pacemaker to turn it into an autonomous source of infection. The wearer could go then around, unknowingly “infecting” other patients and spreading the virus to the population, making them vulnerable to lethal attacks at any moment.
It is indeed a scary situation but is fortunately not one that is necessarily imminent. Barnaby’s type of “white hat” hacking is meant to raise awareness and potentially lead to tighter software security among manufacturers. He hasn’t released any details that would allow less scrupulous people from exploiting this vulnerability, though there’s no mention if the manufacturer in question has rectified the situation yet.
[ SCMagazine ] VIA [ BoingBoing ]
