Barnaby Jack, director of embedded device security at IOActive, has mysteriously died after he revealed that he knew of a technique for hacking into implanted heart devices that “could kill a man from 30 feet away.”
Jack said that he was sure this technology “could [have] lethal consequences.”
Jack was supposed to speak at the Black Hat convention to be held in San Francisco where he was expected to demonstrate his knowledge.
This conference is supported by tech giants such as:
The Medical Examiner’s Office in San Francisco has confirmed that Jack died; but has not released details on the cause of death.
Immediately, the local police ruled out foul play in Jack’s death.
Jack told mainstream media in his last interview that he “had devised a way to attack heart patients by hacking into a wireless communications system that links implanted pacemakers and defibrillators with bedside monitors that gather information about their operations.”
Jack is most well known for having exposed how ATM’s could be manipulated to spit out cash, called “Jackpotting”.
In researching how vulnerable a new model of wireless pacemakers and Implantable Cardioverter Defibrillators (ICDs), Jack “created software for research purposes that will wirelessly scan for new model ICDs and pacemakers without the need for a serial or model number. The software then allows one to rewrite the firmware on the devices, modify settings and parameters, and in the case of ICDs, deliver high-voltage shocks remotely.”
ICDs are a “small battery-powered electrical impulse generator that is implanted in patients who are at risk of sudden cardiac death due to ventricular fibrillation and ventricular tachycardia.”
The Food and Drug Administration (FDA) issued a warning that pacemakers and hospital electrical equipment could be hacked into and pose a cybersecurity threat because of “out-of-date software” and lack of protection at internet connections.
Medical device manufacturers are being admonished by the FDA to provide the federal government with security plans as part of their approval process.
Devices have already been identified as being compromised by malware.
Archimedes , the Ann Arbor Research Center For Medical Device Security, issued a report that found patients, including former Vice President Dick Cheney, implanted with ICDs have nothing to fear from hackers.
In 2002, researchers discovered that ICDs are prone to malfunction and those failures could induce a heart attack in patients.
Boston Scientific was granted approval by the FDA for their “subcutaneous implantable defibrillator (S-ICD) for the treatment of patients at risk for sudden cardiac arrest (SCA)” in 2012.
This opened up “an important new treatment option for a wide range of primary and secondary prevention” procedures which could translate into millions in revenue for the medical community and manufacturers.
Considering the back and forth between the FDA and manufacturers on whether or not ICDs are safe, it is curious that Jack suddenly dies just before he was scheduled to appear at the Black Hat conference where he was going to explain and demonstrate how a hacker could remotely control ICDs.
Jack new, through extensive research the ICDs could be used to kill people in a virtually undetectable way through hacking into the device.
However, Jack will not be exposing how dangerous ICDs are at the conference.
daily alternative | alternative news – Hacker Mysteriously Dies Before He Reveals How to Remotely Kill a Man