David Goggins
Former Navy Seal
Career Development
Bryan Cranston
Critical Thinking
Liv Boeree
International Poker Champion
Emotional Intelligence
Amaryllis Fox
Former CIA Clandestine Operative
Chris Hadfield
Retired Canadian Astronaut & Author
from the world's big
Start Learning

Hacking the Human Heart

Criminal Implications of Implantable Medical Devices

Since the dawn of the 1970′s television action show the Six Million Dollar Man, the public has been fascinated by bionics and the integration of technology into the human body.  What once seemed to be a far-off science fiction fantasy, is increasingly, however, becoming real.  For years, surgeons have been replacing human body parts with human donor-supplied biological alternatives.  It has become commonplace in medicine to transplant a human heart, kidney or liver from a deceased individual and place it into a living donor.  These procedures would have been unthinkable just 50 years ago, yet today are now commonplace.

The business of replacing damaged or missing body parts is not new.  For example, the cultural image of a pirate with a “peg-leg” and a hook for an arm has been ingrained in our collective minds for some time.  Yet vast improvements in prosthetics have been achieved since those days of yore.  In fact, today’s modern prosthetics are significantly more sophisticated, with some even equipped with robotic components that are linked to bio-sensors capable of detecting signals from the human user’s nervous and muscular systems.  These signals can be relayed to the replacement prosthetic limb and carry out the desired bio-mechanical activity.  Thus today there is not just one bionic man to speak of, but many bionic men and woman who walk the earth.

As medical science progressed, entirely artificial organs have been created and implanted into human beings.  Those alive in the 1980′s will recall the enormous global fanfare received by Dr. Barney Clark and his artificial heart.  Dr. Clark was kept alive with the Jarvik 7 artificial heart for 112 days–a medical miracle at the time.  Since then, vast improvements have been made in artificial body parts, making them smaller and more technically advanced.

Past prosthetic devices, such as Captain Hook’s replacement hand, were readily understandable and simple technologies.  The Captain could remove and adjust the peg-leg and hook himself.  Over time, however, as increasing waves of sophisticated technologies were incorporated into new medicial devices themselves.  As evidenced with Barney Clark’s artificial heart, the device itself was connected to a phalanx of back-end technology which occupied an entire hospital room.  While the artificial heart lied in Dr. Clark’s chest doing its work, it was attached to a number of external devices that physicians would visit in his hospital room to control the heart’s activities.

In the age of Moore’s Law and computer miniaturization, it should come as no surprise that these devices have shrunk significantly.  Now, for example, a heart’s pacemaker may be placed wholly in a self-contained apparatus resting entirely within the human chest.  There is no need for the constant connection to external devices, nor for the team of physicians to monitor the device at a patient’s bedside.  Now it is possible for a heart pacemaker to work on its own, based upon a set of pre-established operating instructions. 

In the United States alone, hundreds of thousands of internal heart defibrillators have been implanted to regulate the damaged hearts of patients needing such assistance, including many well-know individuals, such as former US Vice President Dick Cheney. As a particularly polarizing public figure, it would not be surprising to learn that Mr. Cheney had a number of enemies and it was the job of the U.S. Secret Service to protect him from any threat--including any potential attacks against the critical technology implanted in his chest and upon which his life depended.

As medical devices have evolved and miniaturized, they have developed the capability of being controlled wirelessly, including remotely over the Internet. The benefits are obvious– wireless and remote control of implanted medical devices allow patients much greater mobility and obviate the need for daily trips to a doctor’s office.  In addition, these devices can dramatically lower health care costs, guaranteeing their wider user and acceptance moving forward.

These cost savings have lead to an increase in remote patient monitoring systems, which are proliferating beyond heart-beat regulation to other medical conditions, such as diabetic insulin pumps.  While these developments will undoubtedly help patients and improve the quality of their lives, insufficient attention is being paid to the security of artificial medical devices.

While nobody worried about the 6 Million Dollar Man being hacked, the time has come to seriously consider the security protocols, or lack thereof, of today’s modern medical devices.  The integration of technology into the human body has created opportunities for newer and more serious forms computer crime and hacking.  In the past, a hacker might have been able to illegally enter a  desktop computer system, read a targets personal data or even gain control of another person’s financial accounts.  In comparison to the potential threat from Internet-based medical devices, the threats from “old-school” hacking seem mild by comparison.

As information technology is increasingly integrated with the human body, what forms of next generation criminal activity will be possible?  An insulin pump connected to the Internet means a patients insulin levels might be tampered with to cause diabetic coma, shock and even death.  An extra and unnecessary jolt from a pacemaker could lead to cardiac arrest.  To a victim's family, these deaths would likely appear natural (given the poor pre-existing medical conditions of the victims).  Even if a case were to go to the coroner’s office for review, how many public medical examiners would be capable of conducting a complex computer forensics investigation?  The evidence of medical device tampering might not even be located on the body, where the coroner is accustomed to finding it, but rather might be thousands of kilometers away, across an ocean on a foreign computer server.

The rapid advances in medical technology, paired with the relative paltry consideration of security in medical devices, should be a wake-up call for those that build and implement these life-saving technologies.  Given the public health issues at-stake, a closer regulatory approach should be considered as well as vigorous public discussion.  Unless some steps are taken now to deal with medical device security, a whole generation of devices may be implanted which are subject to remote tampering and interference.  Repairing the existing security holes in those devices would likely be more complex than downloading the latest “patch” from the manufacturer's servers.  Rather, a security update might mean the necessity of a second surgical procedure to remove or upgrade an insecure device.

In the near future, the need to deal with medical device security will take on a greater sense of urgency, given the coming explosion in medical nanotechnology or nanomedicine.  While the development of these technologies will surely alleviate human suffering and disease, unless the important security-related issues of integrated human-machine interaction are addressed, society may be confronted with a whole new meaning for the term “heart attack.”

See report on Heart Device Vulnerable to Hacker Attack @ the New York Times.

LIVE ON MONDAY | "Lights, camera, activism!" with Judith Light

Join multiple Tony and Emmy Award-winning actress Judith Light live on Big Think at 2 pm ET on Monday.

Big Think LIVE

Add event to calendar

AppleGoogleOffice 365OutlookOutlook.comYahoo

Keep reading Show less

Neom, Saudi Arabia's $500 billion megacity, reaches its next phase

Construction of the $500 billion dollar tech city-state of the future is moving ahead.

Credit: Neom
Technology & Innovation
  • The futuristic megacity Neom is being built in Saudi Arabia.
  • The city will be fully automated, leading in health, education and quality of life.
  • It will feature an artificial moon, cloud seeding, robotic gladiators and flying taxis.
Keep reading Show less

Study details the negative environmental impact of online shopping

Frequent shopping for single items adds to our carbon footprint.

A truck pulls out of a large Walmart regional distribution center on June 6, 2019 in Washington, Utah.

Photo by George Frey/Getty Images
Politics & Current Affairs
  • A new study shows e-commerce sites like Amazon leave larger greenhouse gas footprints than retail stores.
  • Ordering online from retail stores has an even smaller footprint than going to the store yourself.
  • Greening efforts by major e-commerce sites won't curb wasteful consumer habits. Consolidating online orders can make a difference.
Keep reading Show less

Childhood sleeping problems may signal mental disorders later in life

Chronic irregular sleep in children was associated with psychotic experiences in adolescence, according to a recent study out of the University of Birmingham's School of Psychology.

A girl and her mother take an afternoon nap in bed.

Personal Growth
  • We spend 40 percent of our childhoods asleep, a time for cognitive growth and development.
  • A recent study found an association between irregular sleep patterns in childhood and either psychotic experiences or borderline personality disorder during teenage years.
  • The researchers hope their findings can help identify at-risk youth to improve early intervention.
  • Keep reading Show less

    Why do people believe in conspiracy theories?

    Are we genetically inclined for superstition or just fearful of the truth?

    Scroll down to load more…