DEF CON 2018: Hacking Medical Protocols to Change Vital Signs


In recent years there has been more attention paid to the security of medical devices; however, there has been little security research done on the unique protocols used by these devices. Many of the insulin pumps, heart monitors and other gadgets found in hospital rooms use aging protocol to communicate with nurses’ stations and doctors; and as such, can be easily subverted.

Case in point is the RWHAT protocol, one of the networking protocols used by medical devices to monitor a patient’s condition and vital signs. Doug McKee, senior security researcher at McAfee’s Advanced Threat Research team, has discovered a weakness that allows data on the patient’s condition to be modified by an attacker in real-time, to provide false information to medical personnel.

Read more…
Source: ThreatPost