Analog sensors within cardiac devices and consumer devices are vulnerable to deliberate EMI signal injection attacks, according to research results recently published by an international team of scientists.
Researchers from the University of Michigan, University of Minnesota, University of Massachusetts, Harvard Medical School, Korea Advanced Institute of Science and Technology and the University of South Carolina successfully demonstrated the ability to disrupt implanted cardiac devices using radio frequency electromagnetic waves, creating a false signal that simulated an erratic heartbeat.
Implanted defibrillators are used to monitor the heart for irregular beating and administer an electric shock to return it to a normal rhythm if necessary. The creation of a false signal could potentially disrupt needed pacing or induce unnecessary defibrillation shocks.
Researchers used a signal generator operating at a variety of power settings and distances to measure the susceptibility of analog sensors in implantable defibrillators and consumer electronics. The signal generator, which operates in the 9.00 kHz to 2.02 GHz frequency range to modulate and transmit signals, sent test waveforms that included a simple 440 Hz sinusoid and an “arbitrary audio waveform.” Nicknamed the “Weezer” waveform, the audio was a sample of the alternative rock band’s popular 2001 song “Island in the Sun.”
The new findings are not the first example of vulnerabilities being identified in implantable medical devices. A 2008 study from a number of suggested that certain models of implantable defibrillators were vulnerable to software radio-based attacks, while a presentation by Jerome Radcliffe at the 2011 Black Hat Technical Security Conference discussed his success with hacking his insulin pump. In 2012, the U.S. Government Accountability Office (GAO) released a report asking the Food and Drug Administration (FDA) to consider the strong potential threat that medical device hacking presented.
However, according to the research team, the new findings reveal new security risks in “relatively common” analog sensors that were not previously examined in earlier research. These sensors, which rely on rely on inputs from the human body or the environment to cue particular actions, can be found in other devices, including Bluetooth headset microphones and computers in web-based phone calls.
According to the researchers, the same vulnerabilities in the implantable defibrillators were identified within these other devices.
“We found that these analog devices generally trust what they receive from their sensors, and that path is weak and could be exploited,” Denis Foo Kune, University of Michigan postdoctoral researcher and visiting scholar in computer science and engineering, said.
The researchers were able to gain unauthorized access to credit card information by fooling an automated banking line into “believing” that they were dialing certain touch-tone selections using “modulated EMI attacks.” Using the same interference, the research team was also able to block the audio in a Skype webcam session and substitute a recorded reading of Edgar Allan Poe: The Raven by James Earl Jones.
While the researchers emphasized that no case of a hacker corrupting an implanted cardiac or consumer electronic device has been previously reported, and doing so in the real world would be extremely difficult, the team is hopeful their findings will prompt further investigation into the security of sensing systems in medical and other devices. Several solutions proposed by the research team include software that could “ping” the cardiac tissue to determine whether the signal came from the heart or from interference and military-grade shields or filters.
“Security is often an arms race with adversaries,” Wenyuan Xu, assistant professor of computer science and engineering at the University of South Carolina, said. “As researchers, it’s our responsibility to always challenge the common practice and find defenses for vulnerabilities that could be exploited before unfortunate incidents happen. We hope our research findings can help to enhance the security of sensing systems that will emerge for years to come.”