Pacemakers that connect to the Internet may be vulnerable to hacking, researchers say.
Credit: Pacemaker x-ray via Shutterstock
In the second season of the TV show "Homeland," terrorists assassinated the vice president of the United States (played by Jamey Sheridan) by hacking into his Wi-Fi-enabled pacemaker, and inducing a heart attack.
That isn't just fiction, researchers say: Many pacemakers and other implantable medical devices (IMDs), such as insulin pumps, connect to the Internet via Wi-Fi to share important medical data with doctors. But very few of these devices use secure connections.
Although there are no known instances of someone hacking a pacemaker or similar device to harm another person in real life, the danger is real: Security experts have demonstrated for years that hackers could easily steal medical data from IMDs, or even take control of the devices, causing pacemakers to emit shocks, insulin pumps to overdose their wearers, and ventilators to stop working.
That's why researchers at Rice University in Houston decided to look for a better way to protect people's IMDs. [9 Odd Ways Your Tech Devices May Injure You]
You could say their solution "beats" the competition: They use a patient's heartbeat as a constantly changing password.
"We use the heartbeat as a random-number generator," said Farinaz Koushanfar, an assistant professor of electrical and computer engineering at the university. "Your heart generates pulses, and the timing of these pulses has a good amount of randomness to them…. This is a true random number generator."
An uncrackable code
Random numbers are an essential part of any encryption system, and the more random, the better the encryption. The randomness of the human heartbeat, combined with the fact that a doctor or potential attacker would need to physically touch a patient to measure the heartbeat in order to access the IMD, forms the basis of the researchers' device.
Most companies that make IMDs choose not to encrypt their devices' wireless connections because an IMD's most important job is to save its wearer's life, Koushanfar said. If companies have to choose between reliable, easy access and security against intruders, they'll always choose the former, she told LiveScience.
Even if developers could find a way to balance security and ease of access, strong encryption requires additional processing power, which means a bigger drain on the IMD's battery, Koushanfar explained. Because changing an IMD's battery usually means operating on a patient, developers are hesitant to do anything that will significantly shorten the battery life.
The researchers say their program would only minimally drain an IMD's battery, while still ensuring a high degree of security.
It works like this: Using a Wi-Fi-enabled electrocardiogram reader, or EKG, the doctor will initiate a connection with a patient's IMD. But the devices don't actually share until both the doctor's EKG reader and the patient's IMD take a 12-second reading of the patient's heartbeat.
Once the doctor's EKG reader and the patient's IMD have been connected, the two devices will then generate a number based on the patient's unique heartbeat pattern, and then, like poker players simultaneously showing each other their hands, the two devices will show each other their numbers.
The researchers say their program would work best with pacemakers, but could also be used in any IMD that can reliably detect the pulse.
Koushanfar said the next step in the research , which she completed with graduate student Mahmoud Rostami, is to get the program approved for use by the Food and Drug Administration.
To treat a person with an IMD secured in this way, all doctors have to do is download the program to their EKG device, she said.
Many researchers have developed algorithms for generating numbers that seem to be random to humans. But there's no such thing as a true random number generator because computers are inherently logical machines, and always use some sort of process to generate the numbers that, without extremely close scrutiny, only appear to be random.
The Rice researchers may have gotten around that problem.
"Those mathematical versions are pseudorandom generators," Rostami said. "This is a real random number generator."