Security Theater at Black Hat 2018

Wireless Security Theater

Security is a serious business. And revealing unknown flaws can make or break people – and companies. This is especially true in the healthcare industry. As more health issues are being solved through the use of implantable technologies, security issues will become even more important. But when do “announcements” of implant vulnerabilities go from responsible disclosure to security theater?

When my wife sent me a link to a CNBC article entitled “Security researchers say they can hack Medtronic pacemakers”, I took notice. As posted previously, I have been a cyborg since July 2002. And in 2010, I received a replacement implant. At the time, I wondered whether (or if) these devices might be hacked. After all, these devices could be programmed over-the-air (OTA). Fortunately, their wireless range was (and still is) extremely limited. Indeed, it is fair to say that these devices have only “near-field communications” capability. So unless someone could get close to a patient, the possibility of a wireless attack is quite limited.

But as technology has advanced, so too have the threats of exploitation. Given recent technology advances, there was a fair chance that my device could be hacked in the same way that NFC chips in a mobile phone can be hacked. In fact, when I cross-referenced the CNBC article with other articles, I saw a picture of the very same programmer that my cardiologist uses for me. It was the very same picture (from Medtronic) that I had posted on my personal blog over eight years ago. So as I opened the link from my wife, my heart was probably beating just a little more quickly. But I was relieved to see that CNBC was guilty of succumbing to the security theater that is Black Hat Vegas.

In this case, the Black Hat demonstrators had hacked a “programmer” (i.e., a really fancy laptop that loads firmware to the implantable device). The demonstrators rightfully noted that if a ‘bad actor’ wanted to injure a specific person, they could hack the “programmer” that is in the doctor’s office or at the hospital. And when the electro-physiology tech (EPT) did a “device check”, the implanted device (and the patient) could be harmed.

This is not a new risk. The programmer (i.e., the laptop) could have been hacked from the very start. After all, the programmer is just a laptop with medical programs running on it. It is nothing fancy at all.

The real risk is that more and more device-assisted health treatments will emerge. And along with their benefits, these devices will come with some risks. That is true for all new technologies – whether medical or not. There is a risk of bad design, or software bugs, or poor installation, or inattention to periodic updates. And there is a risk that this technology might be exploited. Of course, the fact that a pacemaker might be subject to failure during an EMP does not mean that the device should never be used.

It’s just a risk.

Fortunately, this is no different than the countless number of risks that we take every day. We trust car designers, driving instructors, other drivers, and even the weather forecasters whenever we drive our cars. And the threat that our cars are run by computers – and can necessarily be hacked – doesn’t prevent everyone from driving. 

Let’s leave the security theater in Vegas. And let’s leave the paranoia to professionals – like Alex Jones.


I Really Love Technology

This isn’t the first time you will hear me say that “I Really Love Technology.”  But it’s true.  In March of this year, I got a chance to remember how technology has saved my life.  I had my first defibrillator replaced at that time.  I got a shiny new Medtronic Virtuoso II unit.  And things were fine for over six months.
And then I got a new bike.  OK, it isn’t the bike’s fault.  But it always seems that I find out more about these units when I’m cycling.  And here is where the story begins…
Eight years ago, I was riding my bike when I learned that there was a problem with the lead that was inserted into my left ventricle.  That problem resulted in a total of eight (8) unnecessary shocks.  And the resolution was a surgery to have the leads replaced.
Last week, I was riding home from work when my new ICD proved its existence by nudging me with a 300V shock.  OK, it wasn’t a nudge.  It was more like a really big th-wack in the middle of my chest.  But it only happened once.  After making it home, I sent the digital data via modem to my cardiologist.  And the EP tech told me I had experienced another inappropriate shock due to t-wave over-sensing by the ICD.
If you take a look at the EKG strip (above), you will see what happened.  My heart was beating at about 130 bpm.  But my device thought that my heart was beating at over 200 bpm.  So in the first row, you will see where the device tried to pace my heart back down to a “normal” rhythm.  And in the second row, you see what happens when your heart gets a 300V shock.
So I went to the cardiologist today.  The EP tech and a kindly Medtronic tech sat with me and re-programmed my ICD.  It was no big deal.  It took about five minutes of real work and about fifteen minutes of discussing everything with the overly curious patient.  The device was reprogrammed to ensure that my t-wave won’t be mis-identified as a QRS-wave.  I then asked for a printout of the strip so I could post it for your review.
Two dozen years ago, I would have died – on numerous occasions.  A dozen years ago, I might have gotten an ICD; but I wouldn’t have been able to maintain my active lifestyle.  Now I have a next-generation device.  And this technology will someday save my life.  It is quite cool.  It can communicate wirelessly.  It can be reprogrammed while I’m awake and sitting in a chair wearing my normal clothes.  And I can be part of the entire process.  Couple that with the computer technology in my house and I can share part of the experience with you.
But despite all of the advances found in this device, I still live with the product of man’s ever-increasing knowledge.  It’s not perfect.  But it does save lives.  And with each generation, we know more and more.  But as I think about the Creator who designed and built us, I realize just how far we’ve come – and just how far we have to go to approach the healing power that is in His hands.  I really like my doctor.  But I really love my Creator, my Savior and my Lord.
Last week, I got a tangible reminder of how fragile and how temporary my current life is.  Tomorrow, I am on my bike again.  And I will be reminded of what a blessing every day truly is.
I want to thank each and every one of you for the prayers you’ve raised before our Lord.  He has heard them.  And He has answered your prayers through technology, through doctors and through His unparalleled mercy and grace.
-Roo

Wireless Security, In My Chest


Tomorrow is the big day.  I will be getting a new implantable cardioverter defibrillator (ICD).  It’s been almost eight years since my original implantation.  So technology has changed.  As noted before, I’ll be getting a Medtronic Virtuoso.  And this device comes equipped with wireless management technology.
The potential benefits of using wireless technologies in this application are staggering.  During implantation, there is no need to put anything in the sterile field except the doctor’s hands and the device that will be implanted.  And I’m already using Medtronic’s remote care and management services (trademarked as CareLink).  But the latest generation of CareLink will allow the doctor to obtain vital information almost immediately.
But the benefits aren’t without downside risks.  First and foremost, I wonder what it would take to hack this new device.  Using the MICS frequencies helps; I won’t be subject to WiFi hacking!  😉  But if I ever become famous or important, I wonder just how high the barrier would be to hijacking either the “information channel” or the “control channel” for this device.  I give Medtronic a great deal of credit for addressing these matters.  But I wonder how safe these systems truly are.
In candor, if someone wants my data, there are easier points of attack.  First, my cardiac data is on traditional computing systems managed by Medtronic.  And the data will be available from my CareLink unit, the data in my cardiologists office and also at Medtronic’s facility.  It would be far easier to hack these systems (either via frontal assaults or via social engineering) than it would be to directly hack the source of my data (i.e., the device in my chest).  And I’m sure that there are plenty of people that handle my data such that social engineering assaults are both plausible and low-cost.
But as of tomorrow, my abstract concerns become practical considerations.  Here’s hoping that none of my teenage neighbors get any fanciful ideas about hacking my heart! 😉  I just wish that I could add a few layers of additional security.  For example, I would require using a VPN to access my device.  And my device would only be accessible via an additional token of my choosing (and via a CA I choose).  But I really don’t want to see if this is possible as it would strip the veneer of confidence that I’ve meticulously constructed!
-Roo

It's Time for a System Upgrade

Medtronic Virtuoso ICD

I’ve been in systems work for almost thirty years.  And in each of those years, annual budgets have always included upgrades to pre-existing systems and technologies.  For some companies, that refresh cycle is every thirty-six months.  For some companies, it is extended to every sixty months.  In my case, that cycle has been 90 months.
Basically, it is now time to replace the ICD that has been in my chest for over 90 months.  First, I am so thankful for the men and women that work at Medtronic. Second, I am so very thankful for all the investors that have set aside their own savings in order to invest in research and in patient care.  Third, I am thankful for the doctor that selected an exceptional device.  Finally, I am thankful to my family for always supporting me throughout this phase of my life.
But I am now transitioning from first-time ICD recipient to lifelong ICD recipient.  It’s now time to set aside the things of youth and settle into treating my ICD as part of my normal day-to-day  existence.
In fairness, it really has been part of my routine for seven years.  Indeed, it took me six months to get past the weirdness of relying upon tech for my continued life.  But once you get past the mental barriers, living with an ICD is like living with any other routine care.  For some people, this means routine blood testing.  For others, it means routine medication.  For me, it means that I can call myself “The Six Million Dollar Man.”
And it is quite interesting to note how this tech has evolved.  When I started with my implant, I had to see the doctor every six months.  About three years ago, I received a small “reader” that collects telemetry and sends it via a modem.  The latest revisions of these devices use secure, wireless communications to download data in real-time and then send it to a remote monitoring site (kind of like household monitoring).  And if problems are noted, updated therapies can be immediately downloaded to the device.
It’s all quite interesting – and a little bit disconcerting.  I am now subject to the security of wireless communications and firmware that can be revised on the fly.  It’s all very cool.  But if I were someone important, I might be concerned that someone could p0wn my heart!
Nevertheless, I find myself more interested than fearful.  And I’d love to see firmware mods with really cool features – though I can’t think of practical uses.  But I can see a mod where I can tap on my ICD and have it emit some kind of tones/music.  Maybe wolf-whistles or something similarly inane.
But as I consider this as a pivot point, I am starting to view what else I can upgrade during this transition point.  First, I need to reconsider whether it is time to jump back into IT leadership.  I stepped back from that as I didn’t want others to depend upon me when I was concerned about my own “longevity.”  Those times are over.  So I’m considering changing back into a management track.
Second, I really need to step up and become an even better spiritual leader for my household.  I can’t remember the last time I seriously witnessed to someone in my sphere of influence.  That really needs to change.  I must confess my selfishness and plead for the strength to witness my convictions.
Third, I really need to wrestle with God to determine what his plans for my life are.  I am restarting so many things.  As a middle-aged man, I was watching my household dwindle.  But now that Cindy and I are helping our daughter to raise our grand-daughter, my expected life roles are different than I anticipated.  I love my grand-daughter even more than I can express.  But I really need God to empower me to be the kind of influence that my daughter and my grand-daughter really need.  So I am re-dedicating myself to the task of becoming a family leader once again.
But rather than prattle on, I’ll close this post out very simply.  I covet your prayers.  The surgery is scheduled for March 3, 2010.  I may live tweet before and after.  But that will depend upon how out-of-it I feel and whether I can smuggle my phone into the hospital with my stuff.  Maybe I can talk to the doctor and see if he tweets.  It would be quite cool to have some kind of live stream.
But between now and then, I covet your prayers.  Pray that I will become the man that God wants me to be.  Pray that my heart is young enough to listen to what God wants rather than just requesting his blessings on what I want.
-Roo
