Pacemakers prone to getting hacked

Web Apps Input fuzzing via Burp Macros
Automating Web Apps Input fuzzing via Burp Macros
September 3, 2017
cms pentration testing
BlueBorne- the lethal attack to take over your devices
September 13, 2017

September 5, 2017

Recently the The FDA and Homeland Security have issued alerts about vulnerabilities in 4,65,000 pacemakers.

The devices can be remotely “hacked” to increase activity or reduce battery life, potentially endangering patients.

Feasible vulnerabilities:

  1. Absence of memory and encryption:

In such embedded devices there is a lack to support proper cryptographic encryption.

Conventional cryptography suites are designed for computers, and involve complex mathematical operations which are beyond the power of small, cheap IoT devices.

2. Improper authentication can be used to compromise or bypass allowing a nearby attacker to issue commands to drain the battery.

3.  Remote monitoring versus security

Remote monitoring is a life-saving technology for patients with these devices since its software can be smoothly updated by doctors.

Unfortunately, this remote control feature creates a whole new type of vulnerability. Any doctor can remotely update your software and the same can be exploited by hackers too.

Discover more from SecureLayer7 - Offensive Security, API Scanner & Attack Surface Management

Subscribe now to keep reading and get access to the full archive.

Continue reading

Enable Notifications OK No thanks