Security team proves car systems can be hacked
SAN FRANCISCO (KGO) -- Technology is making our lives easier in many ways, but it comes with a dark side. Now, a Bay Area congresswoman is calling for tougher standards, after the discovery that medical devices could be hacked and that's not all that could be vulnerable.
Congresswoman Anna Eshoo, D-Palo Alto, called on the FCC to review security standards for medical devices that rely on wireless communications. Things like implants and insulin pumps could be at risk of being hacked which could endanger lives.
The concern over insulin pumps comes from a computer security expert who also happens to be a diabetic. At a security conference this month he showed how he could remotely re-program his insulin pump. Hacking has also occurred against pacemakers and defibrillators which use wireless communications like so many facets of our lives.
Two people who know that well are San Francisco security consultants Don Bailey and Mat Solnik of iSEC partners. While they don't deal with the issue of medical devices, they are working to stay one step ahead of hackers.
"A lot of things that are actually improving and making our lives easier, but at the same time with these devices there becomes the issue of what they actually have control over," said Solnik.
One device they investigated is the car security system. They recently demonstrated how they could bypass a car alarm with a few keystrokes on a laptop. They were able to open the locked door and start the engine.
Anti-theft systems rely on cellular telephone networks which allow one machine to talk to another often through a text message.
"So anything that uses that system is going to be vulnerable to a range of potential attacks and you'll see that in almost every industry today worldwide," said Bailey.
Wireless signals are behind home security systems, ATMs, power grids and pipelines. The security consultants say the unnamed car alarm company they were able to breach quickly fixed the problem. They say consumers should ask questions before buying.
"Now a telltale good sign is a manufacturer publicly stating we have had our security reviewed by a third parties," said Solnik.
But it may be a tough sell in a quickly changing technology.
"Everything's connected with the Internet, Wi-Fi, whatever it may be, all these different systems that are supposed to be secure, but they're really not," said Oakland resident Jordan Williams.
With regard to medical devices, industry officials are downplaying the threat, saying the average person wouldn't be able to figure out how to hack an insulin pump or pacemaker. Still, the FCC is being asked to look into the issue.
FCC, hacking, technology
- Family: Children's Hospital calls girl 'dead'
- Senator Harry Reid in hospital for observation
- BART Board president wants to ban transit strikes
- 'Wonder Girl' cancer patient is inspiration for Vallejo
- Garbage truck fatally strikes man in Tenderloin 59 min ago
- SFFD battle 1-alarm blaze near the Panhandle
- San Jose charity 3,000 short of toy distribution goal
- '628' area code to begin in '415' region in 2015
- Last minute Christmas shopping is in full swing
- Only On 7: Sneak peek at the SF Zoo's baby gorilla
- abcnews: Dancing doctor gets tickets to Beyonce show
- Bay Area New Year's Eve fireworks and events
- roundup: CPUC fines PG&E; Homeless memorial
- weather: Bay Area weather forecast for Friday
Most Viewed StoriesMost Viewed Photos