Security team proves car systems can be hacked
SAN FRANCISCO (KGO) -- Technology is making our lives easier in many ways, but it comes with a dark side. Now, a Bay Area congresswoman is calling for tougher standards, after the discovery that medical devices could be hacked and that's not all that could be vulnerable.
Congresswoman Anna Eshoo, D-Palo Alto, called on the FCC to review security standards for medical devices that rely on wireless communications. Things like implants and insulin pumps could be at risk of being hacked which could endanger lives.
The concern over insulin pumps comes from a computer security expert who also happens to be a diabetic. At a security conference this month he showed how he could remotely re-program his insulin pump. Hacking has also occurred against pacemakers and defibrillators which use wireless communications like so many facets of our lives.
Two people who know that well are San Francisco security consultants Don Bailey and Mat Solnik of iSEC partners. While they don't deal with the issue of medical devices, they are working to stay one step ahead of hackers.
"A lot of things that are actually improving and making our lives easier, but at the same time with these devices there becomes the issue of what they actually have control over," said Solnik.
One device they investigated is the car security system. They recently demonstrated how they could bypass a car alarm with a few keystrokes on a laptop. They were able to open the locked door and start the engine.
Anti-theft systems rely on cellular telephone networks which allow one machine to talk to another often through a text message.
"So anything that uses that system is going to be vulnerable to a range of potential attacks and you'll see that in almost every industry today worldwide," said Bailey.
Wireless signals are behind home security systems, ATMs, power grids and pipelines. The security consultants say the unnamed car alarm company they were able to breach quickly fixed the problem. They say consumers should ask questions before buying.
"Now a telltale good sign is a manufacturer publicly stating we have had our security reviewed by a third parties," said Solnik.
But it may be a tough sell in a quickly changing technology.
"Everything's connected with the Internet, Wi-Fi, whatever it may be, all these different systems that are supposed to be secure, but they're really not," said Oakland resident Jordan Williams.
With regard to medical devices, industry officials are downplaying the threat, saying the average person wouldn't be able to figure out how to hack an insulin pump or pacemaker. Still, the FCC is being asked to look into the issue.
FCC, hacking, technology
- At least 10 arrested at "420" celebration in SF
- Good Samaritan pulls boy from water in San Leandro
- Four stabbed at bar, restaurant in San Jose
- Divers recover more bodies from sunken ferry
- San Francisco officer dragged by suspect getaway car
- Fairfield resident killed, boy injured after shooting
- Santa Rosa crash causes massive power outage
- Highway 1 reopens after major injury crash
- Posey, Lincecum lead San Francisco Giants to 4-3 win
- Chavez gets 1st win, A's complete sweep of Astros
- Boxer Rubin 'Hurricane' Carter dies at 76
- Miss America: Don't suspend teen over prom invite
- Minimalists find happiness living with less
- weather: Bay Area weather forecast for Monday