HackingPhysicians feared terrorists might hack Dick Cheney’s cardiac defibrillator
In a 60 Minutes segment aired yesterday (Sunday), former vice-president Dick Cheney told the interviewer that his doctors turned off the wireless function of his implanted cardiac defibrillator (ICD) “in case a terrorist tried to send his heart a fatal shock.” Asked about the concern of Cheney’s physicians, electrophysiologists — these are the cardiologists who implant ICDs – say that as far as they know, this has never happened in the real world but that it is impossible to rule out the possibility.
Vice President Dick Cheney's doctors worried about terrorists hacking his pacemaker // Source: commons.wikimedia.org
In a 60 Minutes segment aired yesterday (Sunday), former vice-president Dick Cheney told the interviewer that his doctors turned off the wireless function of his implanted cardiac defibrillator (ICD) “in case a terrorist tried to send his heart a fatal shock.” The Washington Post reports that,
Years later, Cheney watched an episode of the Showtime series “Homeland” in which such a scenario was part of the plot.
“I found it credible,” Cheney tells “60 Minutes” in a segment to be aired Sunday. “I know from the experience we had, and the necessity for adjusting my own device, that it was an accurate portrayal of what was possible.”
Forbes asked three experienced electrophysiologists — these are the cardiologists who implant ICDs – whether this the 60 Minutes segment described a realistic scenario. The three doctors said that as far as they knew, this has never happened in the real world but that it is impossible to rule out the possibility.
Here is the answer given by one of the doctors, Westby Fisher, who practices at NorthShore University HealthSystem in Evanston, Illinois, and is a Clinical Associate Professor of Medicine at the University of Chicago’s Pritzker School of Medicine:
Daniel Halperin with William Maisel, MD and colleagues set out to hack a Medtronic ICD and did in a paper published in 2008 in IEEE.
They were within 4 inches of the device and reverse-engineered the telemetry protocol. Their point: data are not encoded. This since has been changed, but devices that once used electromagnetic coupling have been “upgraded” to radio waves in the medical frequency (400-405 MHz). Though no device has ever been hacked with the new technology to my knowledge, the new technology offers potential opportunities IF an electromagnetic handshake first weren’t required, like it is now.
Cheney’s paranoia was a bit excessive, but then again, who knows in the world of espionage…
Edward J Schloss, the medical director of Cardiac Electrophysiology at the Christ Hospital in Cincinnati, Ohio, told Forbes: “If I were the vice president, I would probably want to work with industry to minimize my risk.”
See this blog post for a detailed of the Homeland episode from the perspective of cybersecurity experts.
— Read morein Daniel Halperin et al., “Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses,” IEEE Symposium on Security and Privacy (2008): 129-42 (doi: 10.1109/SP.2008.31)
