Are Insulin Pumps Subject To Hacking?
The short answer is that if you own a Medtronic insulin pump that is able to transmit data to a computer, then it is not a secure device. What does that mean? According to numerous news reports dating back to as early as 2008, a hacker has showed a proof of concept device and software hack that can take control of most Medtronic insulin pumps.
In 2011, in Miami, Barnaby Jack of McAfee, demonstrated a tool to take control of a Medtronic pump, deliver a massive dose of insulin, retrieve the data stored on the device or change the settings. Further the demonstrated device could scan a large crowd of people acquire a pump up to 300 ft. away perform its dastardly intent. (http://www.theregister.co.uk/2011/10/27/fatal_insulin_pump_attack/)
Barnaby reported that the hack worked on almost all Medtronic pumps because most have wireless capability. So, is this limited to Medtronic devices? Probably not, Medtronic was chosen because they are one of the largest pump manufacturers. It is likely devices with similar wireless capability are able to be hacked, though I could not find articles dealing with other manufacturers.
Insulin pumps are just the latest medical device shown to be insecure. Jack and a separate researcher showed a proof of concept for hacking a pace maker (http://deadlinelive.info/2013/08/18/remember-hastings-and-they-can-...). In fact the FDA issued a letter of guidance to hospitals warning of the manipulation of computer aided machines in hospitals. Their advice suggested that older windows controlled devices were likely not being updated and thus were easily available for hacking (http://www.forbes.com/sites/ericbasu/2013/08/03/hacking-insulin-pum...).
Oh just for fun one hack involved producing a battery warning on an insulin pump, causing the user to change the battery and then during the startup instantly exposing the device to external control (http://healthbizdecoded.com/2013/07/decoded-hack-able-implanted-med...). In this story there is proof of concept that some 300 medical devices, mostly in hospitals, have a terrible tendency to be hacked. It is scary concept but the biggest issue is likely pacemakers and insulin pumps.
Should we be worried? Probably not at this time, let’s face it there is little upside to remotely hacking an insulin pump. Hackers are primarily interested in two things, money and mischief. The money motivation is difficult to imagine. In the proof of concept the hacker needs to be within 300 feet of the target. If you are being blackmailed, moving outside that range solves the issue.
The bigger issue is likely mischief, and frankly most mischief is carried out by youth. Sure there may be some fun in messing with pumps, but the down side is you could get life in prison so is it really something to attack? Frankly the bigger issue is likely hospital equipment. Say someone hates a hospital it is likely they could wreak havoc just for fun or I suppose blackmail. But in order to do that, they would need near access and likely the ability to keep the machines updated, since these devices are often turned off and reset.
Still this is a problem. Why? Because it is doable one knows once it is shown it can be done, someone else will try it. It is just too tempting a target. Will it be aimed at Medtronic insulin pumps alone? Probably not. Let’s say I can remotely deliver 300 units to you. What fun do I get out of that? Maybe if I am a hacker, I might hate someone so much I try to mess them up by messing with their insulin pump, but again you have the big down side.
One writer speculated that an angry spouse could someday commit the perfect crime by hacking their partners pump, but surely there are better ways to check people out of the world. Personally, I would be more concerned about schools. There is no evidence that any of these hacks have escaped into the wild. But if a pump hack did escape, I would be concerned about kids at school, who might for the heck of it try one of these things. In the meantime, we shall hope the hacks are not released and that Medtronic and other pump manufacturers make a more secure interface. Bluetooth which is often used is an incredibly insecure wireless connection. It may be possible to develop proprietary connections and wired access for uploading information.
Finally, the argument is that these standards are lose so users and emergency room personnel need to access the pump without a security setting, both for convenience and immediate access in case of an emergency. Ahh hackers, can’t live with them and you can’t live with them. (yes I meant to say that)