Q&A from Medtronic about "pump hack", links to diabetes blogs, more...

Aug. 4, the Washington Post and several other media published this story:
http://www.washingtonpost.com/business/technology/hackers-in-the-bl...


Several diabetes bloggers have shared their comments about it, including the following:
http://www.hanselman.com/blog/HackersCanKillDiabeticsWithInsulinPum...
http://sixuntilme.com/blog2/2011/08/hacked_jay_radcliffe_insulin_p....
http://www.ydmv.net/2011/08/pump-hacking-and-what-really-matters.html


This morning, I reached out to pump and glucose meter manufacturers, asking them for more information on this. Below I am pasting the Q&A I received from Medtronic Minimed's Director of PR:


Medtronic takes very seriously the issue of information security of devices. It is an integral part of the very fabric of our product design processes. To our knowledge, there has never been a single reported incident outside of controlled laboratory experiments in more than 30 years of device telemetry use, which includes millions of devices worldwide.

Technology is constantly evolving and Medtronic is continually incorporating measures to maintain information security, while ensuring our devices meet their intended purpose of saving and extending lives.

We understand that there are no absolute certainties in information security. However, we also know that being vigilant in reviewing the external security landscape, designing our products with information security in mind and creating rigorous, complex safeguards will help ensure product security.

Key Questions and Answers
Q1. I’ve read a report that says a device can be manipulated and subsequently disrupted. Is this true?
A. Yes, we are aware of this report. This is the first and only such report we have seen and we do not see a reason to believe that this is a reason for concern as your device went through extensive testing to make sure it would be safe and protected from external harm.

In the reported instance, the researcher had in-depth knowledge about the product he tampered with, such as the serial number of both the insulin pump and remote device, and he TURNED ON the wireless feature. Additionally, he had access to specialized equipment which he used to rebroadcast the RF signal in a controlled environment.

Q2. Has a Medtronic device ever been manipulated?
A. To our knowledge, there has never been a single reported incident outside of controlled laboratory experiments in more than 30 years of device telemetry use, which includes millions of devices worldwide.

Q3. How would I know if someone had manipulated my insulin pump?
A. If someone manipulated your pump to deliver a bolus of insulin that you did not want to receive, your pump would play back a series of tones to confirm the size of the bolus. So, you would be able to detect tones on the insulin pump that weren’t intentionally programmed and could intervene accordingly.

Q4. What could happen if someone tampered with a CGM monitor?
A. To our knowledge, there has never been a single reported incident outside of controlled laboratory experiments in more than 30 years of device telemetry use -- including the transfer of viruses and malicious code, which includes millions of devices worldwide.

We have and will continue to be vigilant in reviewing the external security landscape, designing our products with information security in mind and creating rigorous, complex safeguards which will help ensure product security.

In the very remote chance a patient encountered wireless tampering, a CGM monitor could potentially receive an erroneous sensor value or meter value. However, our CGM labeling requires patients to confirm the sensor glucose reading with a fingerstick measurement prior to making any type of therapy decisions. So, they would have the opportunity to investigate any type of discrepancy caused by wireless tampering.

Q5. Is there really anything Medtronic can do to “prevent” manipulation of devices?
A. We recognize there are people who focus on manipulation of devices – medical and otherwise. Most do so as part of an academic pursuit or to improve existing technology. We also recognize there may be some who have malicious intent. Our job is to incorporate information security measures into our designs, vigilantly monitor potential threats and to always be proactively finding ways to make our devices more secure for you. That is what we have done and what we will continue to do.


Replies to This Discussion

Manny, thanks so much for this information.

Uh, something to think about and get the security right, but who in the hell is interested in hacking into my insulin pump? For kicks? Probably a 1 in 10,000,000 chance of this happening. Hackers are interested in Microsoft, Citibank or the Pentagon or any place they can make money. Nothing for them in an insulin pump; no fame, no credit card, no personal info.... can't even do identity theft. Maybe they can find out my carb ratio or alarm settings... Oh no! Regarding giving me an unwanted bolus; sounds like a bad script from a bizarre horror movie: "von Bulow II". Someone please tell me why I should really be concerned about this happening?

You shouldn't.... I, like you, think that hacking insulin pumps would be way down on the "to hack" list...LOL I'm much more worried about one of my younger grand kids trying to push the buttons than anything else. Hackers like to disrupt masses, not individuals. And, of course, big government agencies......

If you scan the RF frequencies when the BG monitor sends data to the pump, you can not only determine the exact frequency but also intercept the data sent. With some very simple way, you can decrypt it and re-encrypt it using the same algorithm. Basically masking the data as a BG reading. But it would be much easier to just run up to someone and inject them with insulin rather than do this... we shouldn't really worry about this, unless you are on the international terror list.

I was under the impression that when Radcliffe tried to decrypt the intercepted proprietary data (from meter to pump and CGM to pump) that all he was able to extract was garbled code.

A man-in-the-middle attack like what you're suggesting would work in theory, but only if you knew the algorithms used for the proprietary communication protocols. I suspect (as you stated) other methods of attack would be more rewarding for a hacker such as DoSing the pump to force a shutdown.

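The two replies above describe intercepting the meter-to-pump radio traffic, playing a captured frame back, or masquerading a forged value as a BG reading. From the device designer's side, the standard countermeasures are a message authentication tag keyed on a pairing secret (so a forged or altered frame fails verification) and a strictly increasing counter (so a captured frame is stale when replayed). The Python model below is an added example written for this thread; it is not Medtronic's protocol, not any real pump firmware, and the frame layout, pairing key, device identifiers and glucose values are all constructed assumptions.

```python
import hmac
import hashlib
import struct

# Constructed pairing secret shared by the meter and the pump (assumption:
# provisioned once at pairing time; not any real vendor's key material).
PAIRING_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")
METER_ID = 0x00A1B2C3        # constructed identifier of the paired meter
STRANGER_ID = 0x00D4E5F6     # constructed identifier of a device never paired

HEADER_FMT = ">IIH"          # sender id, monotonic counter, glucose in mg/dL
HEADER_LEN = struct.calcsize(HEADER_FMT)  # 10 bytes
TAG_LEN = 8                  # truncated HMAC-SHA256 tag carried over the air
FRAME_LEN = HEADER_LEN + TAG_LEN


def build_frame(key: bytes, sender_id: int, counter: int, bg_mgdl: int) -> bytes:
    """Meter side: serialise a reading and append an authentication tag."""
    header = struct.pack(HEADER_FMT, sender_id, counter, bg_mgdl)
    tag = hmac.new(key, header, hashlib.sha256).digest()[:TAG_LEN]
    return header + tag


class PumpReceiver:
    """Pump side: accept only authentic, fresh frames from the paired meter."""

    def __init__(self, key: bytes, paired_sender: int):
        self.key = key
        self.paired_sender = paired_sender
        self.last_counter = 0     # highest counter accepted so far
        self.events = []          # audit trail of every accept/reject decision

    def receive(self, frame: bytes):
        outcome = self._check(frame)
        self.events.append(outcome)   # rejected frames are recorded, not silently dropped
        return outcome

    def _check(self, frame: bytes):
        if len(frame) != FRAME_LEN:
            return ("rejected", "malformed")
        header, tag = frame[:HEADER_LEN], frame[HEADER_LEN:]
        expected = hmac.new(self.key, header, hashlib.sha256).digest()[:TAG_LEN]
        # Constant-time comparison; a forged or modified frame fails here.
        if not hmac.compare_digest(tag, expected):
            return ("rejected", "bad_tag")
        sender_id, counter, bg_mgdl = struct.unpack(HEADER_FMT, header)
        if sender_id != self.paired_sender:
            return ("rejected", "unknown_sender")
        # Strictly increasing counter: a captured frame played back again is stale.
        if counter <= self.last_counter:
            return ("rejected", "replay")
        self.last_counter = counter
        return ("accepted", bg_mgdl)


def simulate():
    """Drive the receiver with one genuine frame and several invalid variants."""
    pump = PumpReceiver(PAIRING_KEY, METER_ID)
    genuine = build_frame(PAIRING_KEY, METER_ID, 1, 112)
    results = [pump.receive(genuine)]                   # fresh, authentic reading
    results.append(pump.receive(genuine))               # identical bytes delivered twice
    altered = bytearray(genuine)
    altered[HEADER_LEN - 1] ^= 0x40                     # glucose field changed in transit
    results.append(pump.receive(bytes(altered)))        # tag no longer matches header
    results.append(pump.receive(build_frame(PAIRING_KEY, STRANGER_ID, 2, 300)))  # unpaired device
    results.append(pump.receive(build_frame(b"wrong key", METER_ID, 2, 300)))    # no pairing secret
    results.append(pump.receive(build_frame(PAIRING_KEY, METER_ID, 2, 98)))      # next genuine reading
    return results


if __name__ == "__main__":
    for outcome in simulate():
        print(outcome)
```

Running `simulate()` shows the three checks doing distinct jobs: the counter rejects the duplicated frame, the tag rejects both the altered frame and the one built without the pairing secret, and the sender check rejects a correctly keyed frame from a device the pump was never paired with. The `events` list is the part the Q3 answer above is silent on: a receiver that records rejected frames gives the wearer (or a clinician downloading the pump) something to look at beyond listening for unexpected bolus tones.
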
Can someone explain to me what a hacker would have to gain from hacking into my insulin pump? And what are the chances that a hacker would be within range of my pump, have my pump's serial number, and possess all the equipment needed at that moment to hack into my pump? I'd say pretty close to 0. I wish this story would blow over fast and Medtronic, Animas, and the gov't can focus on really important things for people living with T1D like, oh, I don't know, finding a freaking cure!

Next!
Well... let's see. I don't know what you do, you might be a corporate executive involved in multi-million dollar decisions, a little insulin reaction to delay an important contract by a day might allow a lot of money to be made.

But, to give a real world example that has happened repeatedly, suppose you become of interest to the national newspapers? What journalist would skip a chance to learn that, on particular days, your blood sugar was shooting up and down, or that you invariably gave yourself a massive bolus before every press conference? Almost as good as hacking your voicemail; get within 3 feet of you and download a day's blood glucose readings. And 99% of the things that can be found out are found out undetectably; I don't imagine the pump or sensor logs downloads.
The diabetic CEO... Fantasy land. "von Bulow II" the Pump Hacker.

I also sleep on my side to reduce the chances of being hit by meteors. ;)
Multi Millions to be made..................

By me, for my meteor avoidance technique...

OK, is this just me, but, who would want to tamper with my pump or CGM??? why??? for what purpose?? It is always on me.. so I think I would know since I am always checking my pump for my BG levels..I cannot understand why anyone would want to hack my pump or CGM to give me a bolus or whatever...sounds kind of ridiculous...ok, maybe I am sheltered, but, I don't really think I am all that important or that anyone would know I wear a pump or CGM since it's under my clothes...how would anyone know unless I told them?....oh well.. ok..color me ignorant I guess!

No, you are just using your common sense...

© 2014   A community of people touched by diabetes, run by the Diabetes Hands Foundation.

Badges  |  Contact Us  |  Terms of Service