Abstract
Implantable Medical Devices (IMDs) typically use proprietary protocols with no or limited security to wirelessly communicate with a device programmer. These protocols enable doctors to carry out critical functions, such as changing the IMD's therapy or collecting telemetry data, without having to perform surgery on the patient. In this paper, we fully reverse-engineer the proprietary communication protocol between a device programmer and the latest generation of a widely used Implantable Cardioverter Defibrillator (ICD) which communicate over a long-range RF channel (from two to five meters). For this we follow a black-box reverse-engineering approach and use inexpensive Commercial Off-The-Shelf (COTS) equipment. We demonstrate that reverse-engineering is feasible by a weak adversary who has limited resources and capabilities without physical access to the devices. Our analysis of the proprietary protocol results in the identification of several protocol and implementation weaknesses. Unlike previous studies, which found no security measures, this article discovers the first known attempt to obfuscate the data that is transmitted over the air. Furthermore, we conduct privacy and Denial-of-Service (DoS) attacks and give evidence of other attacks that can compromise the patient's safety. All these attacks can be performed without needing to be in close proximity to the patient. We validate that our findings apply to (at least) 10 types of ICDs that are currently on the market. Finally, we propose several practical short- and long-term countermeasures to mitigate or prevent existing vulnerabilities.
Original language | English |
---|---|
Title of host publication | ACSAC '16 |
Subtitle of host publication | Proceedings of the 32nd Annual Conference on Computer Security Applications |
Publisher | Association for Computing Machinery |
Pages | 226-236 |
ISBN (Print) | 9781450347716 |
Publication status | Published - 5 Dec 2016 |
Event | 32nd Annual Computer Security Applications Conference (ACSAC 2016) - Los Angeles, CA, United States; Duration: 5 Dec 2016 → 9 Dec 2016 |
Conference
Conference | 32nd Annual Computer Security Applications Conference (ACSAC 2016) |
---|---|
Country/Territory | United States |
City | Los Angeles, CA |
Period | 5/12/16 → 9/12/16 |