Overview
Delve into an eye-opening presentation that unveils the results of an 18-month independent case study on implanted medical devices. Explore detailed technical findings on remote exploitation of pacemaker systems, pacemaker infrastructure, and neurostimulator systems. Discover how these vulnerabilities can be exploited to disrupt therapy and even execute shocks to patients. Examine cyber security concerns, research findings, and the implications for patient safety. Learn about radio considerations, software delivery networks, and update infrastructures for various medical devices including insulin pumps, pacemakers, and ICDs. Understand the FDA's analysis and risk scoring system for these vulnerabilities. Gain insights into trust issues, remote access risks, and the broader implications for medical device security in this comprehensive 49-minute Black Hat conference talk.
Syllabus
Introduction
Presentation Overview
Cyber Security
Research Findings
What Went Down
Takeaway
Trust Issues
Remote Not Remote
Risk to Patient Safety
Insulin Pump
Radio Considerations
Pacemaker and ICD
Radio Communications
Software Delivery Network
Software Updates
Update Infrastructure
Report
FDA Analysis Board
pacemaker remotely
risk scoring system
Microsoft vulnerability
Questions
Taught by
Black Hat