Friday, June 9, 2017

WHEN SMART MEDICAL DEVICES BECOME OUR WORST NIGHTMARE


The Internet of Things (IoT) affects the way we work, play, and live, but not just in a cultural sense. What if living meant that your life was literally a click away from danger? Society is pioneering the frontier of smart medical devices that integrate our personal health with the pervasive computing world. Imagine a scenario where exploits were created to target medical devices and act maliciously. In our recent research, we’ve already exploited the electronics of one such device, an electric wheelchair by attaching a Raspberry Pi3. Now, we are looking to remotely gain control over the chair with the onboard Bluetooth module. This puts people at risk from those who can gain remote control. Further, what if wheelchairs become a national security threat and were able to hack street lights, mobile phones or cars fitted with Bluetooth Chairs could potentially infect anything in their path, leading to global fear that any device can be hacked and be used against anyone. Chairs are excellent malware vectors because they have Bluetooth which allows attacks on nearby devices. We were among the first to exploit a power wheelchair physically (presented at DEF CON 24 IoT Village and GeekPwn 2016) and since then, we have begun improving this research. In our presentation, we will briefly discuss our former fieldwork along with exploring the possibilities of adding malware remotely to chairs. This in order to see what kind of threats would exist if chair malware is possible. The goal of our research is to reveal security issues of medical devices developers so that they can ensure protection from the start, rather than taking measures after devices are compromised. Stephen has been in a wheelchair his whole life and the relevancy of our research is significant for not only him, but the entire world. Overall, we want to ensure both national security and security for medical device users of all kinds.
by Kaspersky Lab via Endless Supplies .Us - Brands

No comments: