Could Terrorists Have Hacked Dick Cheney’s ICD?

It happened in Homeland. Could it happen in real life?

In a 60 Minutes segment scheduled for broadcast tomorrow, Dick Cheney says that his doctors turned off the wireless function of his implanted cardiac defibrillator (ICD) “in case a terrorist tried to send his heart a fatal shock,” according to the Associated Press.

Years later, Cheney watched an episode of the Showtime series “Homeland” in which such a scenario was part of the plot.

“I found it credible,” Cheney tells “60 Minutes” in a segment to be aired Sunday. “I know from the experience we had, and the necessity for adjusting my own device, that it was an accurate portrayal of what was possible.”

I asked three experienced electrophysiologists– the cardiologists who devote a good part of their professional life implanting ICDs– whether this was a realistic concern…

Click here to read the full story on Forbes.

 

Comments

  1. Jeff Green says:

    Larry:

    Perhaps you should update your article, at least to say that ICDs might be hacked from up to 30 feet away. You might also mention the fate of the man who was about to present research on this:

    One thing your article downplays too much: researchers have shown that implanted devices can be effected from far greater distances than stated.

    http://www.ioactive.com/medical-device-security.html

    “In 2012, after years of research, Barnaby Jack, Director of Embedded Device Security for IOActive, released his findings that ICDs and insulin pumps can be compromised. In one of his examples, Jack was able to reverse engineer a pacemaker transmitter to make it possible to deliver deadly electric shocks to pacemakers within 30-feet. He was also able to rewrite the firmware for the devices.”

    Another thing you didn’t mention: the author of the article you cite at the end of your post was Barnaby Jack (the man mentioned above). Last July, Barnaby died unexpectedly, at the age of 35. He died just days before he was to give a talk about medical device (in)security at the Black Hat conference.

    http://www.securityweek.com/black-hat-barnaby-jack-talk-will-not-be-replaced

    “The organizers of the Black Hat security conference have issued a statement on the unexpected death of famed hacker Barnaby Jack, who died in San Francisco on Thursday, saying the planned talk on vulnerabilities in implantable medical devices by Jack on Thursday will not be replaced. Instead, the conference organizers said, the allotted hour on will [sic] be left vacant to commemorate his life and work.”

    http://www.slashgear.com/barnaby-jack-renown-hacker-dies-at-35-26291957/

    During the event next week, Jack was supposed to demonstrate how one can hack into implanted defibrillators and pacemakers, exposing vulnerabilities in the technology. According to Reuters, which interviewed the hacker earlier this month, he’d stated his method could “kill a man” with the implanted technology up to 30 feet away.

    Thanks!

  2. Jeff Green says:

    (I should have been more precise: you mention 30 feet when you quote Edward Schloss, but he attached the caveat that it requires very close contact at the start. The quote I sent may contradict this requirement for very close contact. Edward Schloss admits he doesn’t know the details of the tech. Barnaby Jack probably knew more tech than the manufacturers.)

    Sorry to be unclear.

  3. Bob Betts says:

    Cheney was kidding himself b/c no one cared(es) enough about him to expend the energy to hack his ICD

Leave a Reply

%d bloggers like this: