- Medical implants today receive wirelessly transmitted instructions from physicians regarding how to dispense their therapy, opening them to cyber-attacks that could potentially be fatal. However, a novel shield technology could secure access to the implants by virtue of an add-on medallion worn by the patient.Even though there have yet to be any reported cases of cyber-attacks on people with medical implants, such as pacemakers, researchers are intent on heading off the possibility with a shielding technology that works even with existing implants.
Someday soon Hollywood will be basing a major film on the premise that a hacker gains control of an important person's medical implant, either manipulating them by adjusting, say, their blood sugar with an insulin implant, or even assassinate them by stopping their heart with their own pacemaker. That is precisely the real-world scenario that Massachusetts Institute of Technology (MIT) professor Dina Katabi and University of Massachusetts-Amherst (UMass) professor Kevin Fu want to "head off at the pass," to use the Hollywood colloquialism from old Westerns (where the bad guy alway wore a black hat).
The stakes are enormous. Millions of citizens worldwide already have approved medical implants and more than 300,000 more receive pacemakers, defibrillators, drug pumps, brain "stimulators" and the like every year. Many of these implants have wireless connections that allow doctors to monitors their performance and fine-tune their therapeutic benefits. Communication with them is carefully encoded so that stray radio signals do not unintentionally modify their programming; however, hackers today already possess the skills to circumvent these safety measures, prompting Katabi and Fu to collaborate on a solution before the problem materializes.
The smarter solution, according to the team, is what it calls a "shield" which is worn like a medallion. The shield constantly emits a jamming signal on the precise frequency at which the implant receives its wireless instructions from an external programmer, usually at the doctor's office. However, this is no dumb jamming signal that just blankets the patient in white noise, which could actually endanger the patient if it randomly changed the implant's programming. Instead, it emits a carefully encrypted signal that still allows authenticated programming to get through but which foils any hacker who does not possess the encryption key.
The shield uses two antennas, one to transmit the jamming signal and the other to relay authenticated programming commands to the implant. (Source: MIT)
Even smarter, the "shield" also can work with existing implants that were never intended to be protected by encryption algorithms, since all the authentication and other safety measures are handled outside the body in the medallion. And in emergencies, such as when the patient is unconscious and the attending physicians do not know the encryption key, the implant can revert to normal functionality by merely removing the medallion.
Together with doctoral candidates Shyam Gollakota, Haitham Hassanieh and Ben Ransford, the team will present the shield for peer review at the upcoming Sigcomm (August 16-19, 2011, Toronto) conference of the Association for Computing Machinery.