Medical Hacks

Medical Hacks

Usually when we talk about the dangers of cyber attacks, we are concerned with the dangers of someone stealing, spying, or systematically corrupting our information systems.

But Barnaby Jack who died last week at age 35 brought us awareness of another, more personal and perhaps dangerous hack…that of hacking medical devices.

Barnaby, a director at computer security firm IOActive, became known first in 2010 for being able to hack at cash machine and have it dispense money.

In 2012, he drew attention to a flaw in insulin pumps whereby someone could cause it to administer a fatal dose to its unknowing victim.

This week, Barnaby was going to demonstrate how heart implants could be hacked, killing a man from 30 feet away.

With advances in the miniaturization and battery life of personal medical devices and implants for monitoring and managing patients health, more and more people could be exposed to malicious or murderous cyber attacks on their body.

With the potential for RFID embedded chips for managing our personal identities to bionics for replacing or enhancing human body parts with electronic and mechanical implants, the opportunity for someone seriously messing with our physical person grows each day.

If dangerous vulnerabilities are discovered and exploited in these devices, an enemy could go from the traditional attack on our information systems to potentially sickening, disabling, or even killing millions at the stroke of some keys.

Imagine people keeling over in the streets as if from a surprise attack by a superior alien race or the release of a deadly chemical weapon, only it’s not extraterrestrial or kinetic, but instead a malevolent cyber attack by a hostile nation or cyber terrorist group taking aim at us in a whole new and horrible way.

(Source Photo: here with attribution to Bhakua)

This Tape Will Self Destruct In Five Seconds

This Tape Will Self-Destruct In Five Seconds

Ever since the 1960’s airing of Mission Impossible, where each episode started with the instructions for a dangerous mission on a tape recording, which ended with “This tape will self-destruct in five seconds,” have we all recognized the need for self-destructing devices to safeguard information.

This message has been honed over the last three decades with compromising security incidents:

1979: Iranian demonstrators stormed the U.S. Embassy in Tehran and according to UMBC “the incinerator broke” as personnel tried to destroy sensitive documents and they had to revert to shredding.

2001: A Chinese J-8 fighter aircraft collided with a EP-3 U.S. Intel aircraft which according to CNN was “likely equipped with highly sensitive equipment” and landed on the Chinese island of Hainan providing China the opportunity to board, disassemble, and study the equipment before it was returned three months later.

2011: Iran captured an RQ-170 Sentinel Drone and USA Todayreported on Iran’s claims that “all files and boards of the drone were copied and used to improve Iran’s unmanned aircraft.” Also in 2011 in the assault on Osama Bin Laden, a secret stealth helicopter that took a hard-landing had to be destroyed before special forces pulled out–however according to the New York Times, “a surviving tail section reveal modifications to muffle noise and reduce the chances of detection by radar” was left behind providing others the opportunity to learn about our sensitive technologies.

Additionally, as ever more advanced technology continues to enter the battlefield the threat of its capture and exploitation becomes increasingly concerning.
In this context, Defense Advanced Research Projects Agency (DARPA) announced the start up of a new program on 28 January 2013 called Vanishing Programmable Resources (VAPR).

VAPR is intent on developing technologies for “transient electronics…capable of dissolving into the environment around them.”

The goal is that “once triggered to dissolve, the electronics would be useless to any enemy that comes across them.”

According to Armed Forces International, along with the destruction of the electronics would be “taking classified data with it.” Thereby preventing the enemy from using captured information to develop countermeasures or reverse engineer their finds.

Transient electronics are intended to be rugged on the battlefield but able to be destroyed on command, perhaps by biomedical implants that release “a few droplets of [a self-destruct] liquid” or other means.

Whether self-destructing in five seconds or slightly more, the need to preserve our sensitive battlefield technologies and the intelligence they contain has never been more vital. 😉

(Source Photo: here with attribution to Mike Licht)

When Incremental Improvement isn’t Enough

When Incremental Improvement isn't Enough

One of the things that I love about the Intelligence Community (IC) is that they think future and they think big.

Noah Schactman in Wired Magazine (12 December 12–great date!), gave a snapshot view of 2030 as provided by the National Intelligence Council (NIC).

Some of the predictions (or aspirations) include:

– Bioprinting such as creating 3-D printed organs (how’s that for your orchestrating your own organ transplant?)

– Retinal implants for night vision thermal imaging, seeing the distance without binoculars, or even one-upping Google Glass by providing augmented reality in your eye instead of over it

– Brain chips for superhuman thought and recall (those without remain doomed to brain farts, in comparison)

– Bioweapons where DNA is used to target and take out people by genetically engineering viruses to attack them, specifically, without leaving any markers

– People embedded in machines–reminiscent of when Ripley in the movie Alien enters in an exoskelton robotic suit to kick some Alien butt!

Other predictions include: megacities, climate change, big data clouds, aging populations, and more drones.

While some of these advances are incremental in nature–for example genetic engineering and bioweapons are incremental steps from DNA sequencing of humans.

However, other leaps are more dramatic.

An article by Stephen Levy in Wired (17 January 2013) discusses how Larry Page (one of the Google founders) strives for inventions that are magnitudes of “10x” (often actually 100x) better than the status quo, rather than just 10% improvements.

Google has many examples of leaping ahead of the competition: from its transformative search engine which has become synonymous with search itself to Gmail which came out with 100x the storage of its competitors, Translations for the entire web from/to any language, Google Fiber with broadband at 100x faster than industry speeds prototyped in Kansas City, Google Books providing a scanned and searchable archive of our global collection of books and magazines, Google+ for social media (this one, I see as just a Facebook copycat–to get on Facebook’s nerves!), Google Maps for getting around, Android their open platform operating system for mobile devices, and even self-driving cars–many of these are developed by Google X–their secret skunk work lab.

I really like Google’s concept of going for the “moon shot” rather than just tweaking technology to try and stay ahead of the competition, temporarily.

And as in space, there is so much territory to explore, Google believes it is attacking just .1% of the opportunities out there, and that the tech industry as a whole is attacking maybe 1% in aggregate–that leaves 99% or plenty of opportunity for all innovators and inventors out there.

To get to 2030 and beyond–we’re just at the tip of the innovation iceberg! 😉

>Embedded Systems and Enterprise Architecture

>Information technology is not just about data centers, desktops, and handheld devices anymore. These days, technology is everywhere—embedded in all sorts of devices from cars and toaster ovens to traffic lights and nuclear power plants. Technology is pervasive in every industry from telecommunications to finance and from healthcare to consumer electronics.

Generally, embedded systems are dedicated to specific tasks, while general-purpose computers can be used for a variety of functions. In either case, the systems are vital for our everyday functioning.

Government Computer News, 15 December 2008 reports that “thanks to the plummeting cost of microprocessors, computing…now happens in automobiles, Global Positioning Systems, identification cards and even outer space.

The challenge with embedded systems are that they “must operate on limited resources—small processors, tiny memory and low power.”

Rob Oshana, director of engineering at Freescale Semiconductor says that “With embedded it’s about doing as much as you can with as little as you can.”

What’s new—haven’t we had systems embedded in automobiles for years?

Although originally designed for interacting with the real world, such systems are increasingly feeding information into larger information systems,” according to Wayne Wolf, chair of embedded computing systems at Georgia Institute of Technology.

According to Wolf, “What we are starting to see now is [the emergence] of what the National Science Foundation is called cyber-physical systems.”

In other words, embedded systems are used for command and control or information capture in the physical domain (like in a car or medical imaging machine), but then they can also share information over a network with others (think OnStar or remote medical services).

When the information is shared from the car to the Onstar service center, information about an accident can be turned into dispatch of life-saving responders. Similarly, when scans from a battlefield MRI is shared with medical service providers back in the States, quality medical services can be provided, when necessary, from thousands of miles away.

As we should hopefully have all come to learn after 9-11, information hoarding is faux power. But when information is shared, the power is real because it can be received and used by others and others, so that its influence is exponential.

Think for example, of the Mars Rover, which has embedded systems for capturing environmental samples. Left alone, the information is contained to a physical device millions of miles away, but sharing the information back to remote tracking stations here on Earth, the information can be analyzed, shared, studied, and so forth with almost endless possibilities for ongoing learning and growth.

The world has changed from embedded systems to a universe of connected systems.

Think distributed computing and the internet. With distributed computing, we are silos or separate domains of information, but by connecting the islands of information using the internet for example, we can all harness the vast amounts of information out there and in turn process it within our own lives and contribute back information to others.

The connection and sharing is our strength.

In the intelligence world, information is often referred to as dots, and it is the connection of the dots that make for viable and actionable intelligence.

As people, we are also proverbially just little dots in this big world of ours.

But as we have learnt with social media, we are able to grow as individuals and become more potent and more fulfilled human beings by being connected with others—we’ve gone from doing this in our limited physical geographies to a much larger population in cyberspace.

In the end, information resides in people or can be embedded in machines, but connecting the information to with other humans and machines is the true power of the information technology.