Could hackers use pacemakers to commit mass murder?

One researcher demonstrates how easily the heart-monitoring devices can be accessed by outsiders

A pacemaker in an x-rayed chest: The life-saving device may be vulnerable to hackers.
(Image credit: Thinkstock)

The idea of a hacker breaking into your computer and ruining your reputation is terrifying enough. But the damage they could do to your body is potentially even worse. New research suggests that pacemakers could be accessed by hackers and used to send deadly shocks to their hosts. Here's what you should know:

Remind me again: What exactly does a pacemaker do?

A pacemaker is an electrical device that helps control irregular heartbeats using electrical pulses. They are about the size of a pocket watch, and are placed under the skin near the heart.

Subscribe to The Week

Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.


Sign up for The Week's Free Newsletters

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

Sign up

And they are easily hacked?

Well, not easily. But it's "100 percent possible," says Barnaby Jack, Director of Security Research for a security company called IO Active. At a recent conference, Jack used a laptop to hack into a remote pacemaker, and reverse-engineered it to send a series of deadly 830-volt shocks. Jack then took the demonstration one step further, accessing the device's model and serial number, as well as usernames and passwords for the manufacturer's development servers. Using this information, he says it would be very easy to load a virus that could spread between numerous pacemakers, giving a malevolent hacker the ability to commit mass murder.

Is this part of a larger problem?

Yes. "The next frontier of computer hacking could be lifesaving devices," says Gregory Ferenstein at TechCrunch. Computers used in hospitals to monitor patients are reportedly rampant with computer viruses, with at least one U.S. hospital reportedly deleting viruses from its machines every week. Many of these computers run on outdated operating systems, Kevin Fu, a medical technology expert tells Technology Review. "I find this mind-boggling," Fu says. "There's little recourse for hospitals when a manufacturer refuses to allow OS updates."

What's to be done?

First, take comfort in knowing "there have been no documented criminal attempts at infiltration," TechCrunch's Ferenstein says. Still, Fu says hospitals need to stop using insecure operating systems, and that "more hospitals and manufacturers need to speak up about the importance of medical-device security." As for the pacemakers, Jack has notified the manufacturer of the one he hacked and advised that they step up their security. “Sometimes you have to demonstrate the darker side" to enact reform, he tells SC Magazine.

Sources: SC Magazine, TechCrunch, Technology Review, Web Pro News

Continue reading for free

We hope you're enjoying The Week's refreshingly open-minded journalism.

Subscribed to The Week? Register your account with the same email as your subscription.