PARIS — Here's some terrible news for millions of people around the world who need pacemakers, insulin pumps or electrodes that relieve chronic pain or symptoms of Parkinson's disease: These implant devices can be easily hacked.
Remember that episode from the television series Homeland a few years ago? The one in which hackers attempted to kill a U.S. presidential candidate remotely by accelerating his heartbeat through his pacemaker? That's hardly "pure fiction."
Dick Cheney, a former U.S. vice president, recognized the threat implants pose long before the Homeland episode. Worried about the possible hacking of his cardioverter-defibrillator, a battery-powered device that's placed under the skin to monitor the heart rate, he asked doctors to turn off the implant's wireless function.
"Most medical implants made over the last few years can communicate wirelessly with the exterior," says Anne Canteaut, a director of research at Inria, a French institute for computer science and applied mathematics. "This allows doctors to set up the device and control their patient's condition."
But such communication has many weaknesses. On Sept. 27, American pharmaceutical company Johnson & Johnson said that Jay Radcliffe, a diabetic patient and cybersecurity expert, had discovered how vulnerable these devices are. The company's Animas OneTouch Ping, available in the U.S. and Canada to administer insulin, could be hacked wirelessly to alter the dosage.
In August, seven researchers at Oxford University showed that brain implants could be hacked. "A patient suffering from chronic pain could be caused ever greater pain, while a patient with Parkinson's could find himself unable to move," says Laurie Pycroft of Oxford Functional Neurosurgery.
"The CNIL (France's National Commission on Informatics and Liberty) published a prospective study on connected objects as early as 2014. We had come up with a certain number of scenarios, but we didn't think they'd become true so quickly," says Délia Rahal-Löfskog, who heads the health department at CNIL.
In June last year, three Madrid-based scientists published a comprehensive study on the security of medical implants. Their findings were chilling.
"Most of these devices have no protection whatsoever and, when they do have one, it's obsolete," says Carmen Camara from the IT department of the Carlos III University in Madrid, who co-authored the study.
Hospitals are currently working on implants connected to sensors that enable them to constantly adapt to the patient's condition. Like computers and other connected objects, implants are prone to weaknesses such as inadequate security in the communication network, passwords that are easy to crack and vulnerable software.
How can one prevent implants from getting hacked?
"For local connections that are generally used by doctors to reprogram devices, we need to set up a piracy-proof authentication system. For remote connections that make it possible to collect the device's data on the patient, we need to make sure the transfer is confidential by encrypting the data," says Erik Boucher, an engineer at CNIL. Access to that information would constitute a violation of privacy, but so would access to the related metadata. For example, you only need to know which Wi-Fi networks the implant tried to connect to in order to know where the patient is located.
The solution also lies in changing passwords often, not revealing the device's serial numbers online, and raising public awareness. "Any unusual behavior from a patient with an implant should alert doctors to the possibility the device was hacked," says Oxford Functional Neurosurgery's Pycroft.
Although encryption is useful in protecting data, it's hard to implement this measure because of the way implants are structured. "These tiny devices don't have enough battery life, memory and processing power to support traditional encryption protocols," says Shiho Moriai, the head of a research lab that focuses on security at Japan's National Institute of Information and Communications Technology.
Researchers are now exploring whether encryption, typically done by the medical implant, can instead be processed by an external computer. But it's going to be years before we know if this method holds the key to keeping implants safe from hackers.