Email Print Share

"Cardi-Hack" -- The Discovery Files

The Discovery Files
Audio Play Audio
The Discovery Files podcast is available through iTunes or you can add the RSS feed to your podcast receiver. You can also access the series via AudioNow® by calling 641-552-8180 on any telephone.

Nearly a million new forms of malware are unleashed on the world every day. Manufacturers of software for smartphones, laptops and security cameras, as well as banks, retailers and government agencies, release upgrades frequently to try to protect customers and assets. Yet the millions of people with implanted medical devices typically never receive software upgrades to address security vulnerabilities for the gadgets in their bodies. Researchers have built a prototype of a network-connected pacemaker and are running experiments based on case studies of malware infecting other types of embedded systems.

Credit: NSF/Karson Productions

Audio Transcript:

Keeping pace.

I'm Bob Karson with the Discovery Files -- new advances in science and engineering from the National Science Foundation.

Retailers, banks, government agencies -- anyone who wants to protect their assets and customers, regularly updates their cybersecurity to thwart potential attacks. But there's one area that till now has remained surprisingly vulnerable: implantable medical devices, such as pacemakers. In the next few years, millions of implanted devices: pacemakers, insulin pumps, brain neurostimulators -- will rely on connectivity for control and monitoring.

Engineers at the University of Arizona have developed a prototype pacemaker system that was able to catch 100 percent of mimicked malware attacks. Their system is based on what's called: "runtime anomaly detection" -- in other words it detects miniscule differences in the timing of how computations and data are transmitted. If something seems a little hinky, the system would report it to a medical professional who could take action remotely.

Previous research warns it is possible for a hacker to put a patient with a pacemaker into cardiac arrest. Before you get alarmed that this could be the new invasion of the body hackers, the team tells us that so far there are no known cases of hacking an implantable medical device.

Thankfully, someone's staying a heartbeat ahead of the hackers.

"The discovery files" covers projects funded by the government's National Science Foundation. Federally sponsored research -- brought to you, by you! Learn more at or on our podcast.

General Restrictions:
Images and other media in the National Science Foundation Multimedia Gallery are available for use in print and electronic material by NSF employees, members of the media, university staff, teachers and the general public. All media in the gallery are intended for personal, educational and nonprofit/non-commercial use only.

Images credited to the National Science Foundation, a federal agency, are in the public domain. The images were created by employees of the United States Government as part of their official duties or prepared by contractors as "works for hire" for NSF. You may freely use NSF-credited images and, at your discretion, credit NSF with a "Courtesy: National Science Foundation" notation. Additional information about general usage can be found in Conditions.

Also Available:
Download the high-resolution JPG version of the image. (66.6 KB)

Use your mouse to right-click (Mac users may need to Ctrl-click) the link above and choose the option that will save the file or target to your computer.

MP3 icon
NSF podcasts are in mp3 format for easy download to desktop and laptops, as well as mobile devices capable of playing them.