A report, to be presented at a California computer-security conference in May, suggests that pacemakers and defibrillators may be targets for hacking.
Millions of Americans have pacemakers, which keeps hearts beating regularly, or an implanted defibrillator, which can restart stopped hearts with an electric jolt. After implanting a defibrillator under a patient's skin, a doctor uses a special device, about the size of a breadbox, to tell the defibrillator what to do -- for example, to instruct it to keep the heart beating at a certain rate or deliver a test jolt.
The devices, called programmers, communicate with a defibrillator using radio waves. To prevent tampering, only physicians are allowed to buy one from the manufacturers -- Medtronic Inc., Boston Scientific Corp., and St. Jude Medical Inc.
But hackers could transmit the same radio signals -- causing a defibrillator to shock or shut down, or divulge a patient's medical information -- without needing a programmer, researchers found in a laboratory test of one model from Medtronic.
Great, now we need antivirus apps for our pacemakers. Seriously though, although this has never happened yet (and thanks to you researchers for giving hackers a new idea), it could happen. Perhaps a serial number for the device that has to be entered for the programmer to work would fix the problem? Or some other such way of preventing just anyone from controlling a pacemaker? You can imagine the problem if the records holding the information necessary for reprogramming were lost, however.