joeross.me

Patrick Gray, writing at The Register:

Jack also warned of a worst-case scenario in which a worm could infect multiple devices, spreading from patient to patient, re-flashing the devices with malicious code as it foes. This code could be programmed to deliver fatal shocks to patients implanted with vulnerable implants at a scheduled time.

So many lives depend upon the safe operation of a device like a pacemaker, including some of my dearest family. The good news here is that the researcher who discovered the vulnerability is ready and willing to work with manufacturers to design around the security weaknesses in these devices.

But perhaps more importantly, what about devices that have already been implanted in patients? I hope the corrections can be made via a software update so that even current patients can receive the fixes.

As an aside, this technology could also be used in the cyberwarfare arena for exceptionally clandestine assassinations.