
Hacked: Jay Radcliffe, Insulin Pumps, and Diabetes Sensationalism.

Jay Radcliffe is a fellow type 1 diabetic, and I remember reading his diabetes blog way back in the day, when I first started blogging.  We read and commented on each other's posts, and we were both part of the blogosphere when the DOC first started to grow.  I knew he was married, had children, and did the day-to-day diabetes stuff that I did.  


Which is why when I read the mainstream media's take on his pump-hacking research (this article, Insulin Pumps Vulnerable to Hacking, for example), I reached out to him immediately.  "Can I just tell you that my mother sent me this article about your research?  Do you have time to talk?"


Jay was out in Las Vegas this morning, attending the Black Hat security conference, but he and I had a chance to hash it out over the phone.  


"I know you!  And I know you as a diabetic, not as this guy who hacks insulin pumps and has a billion articles floating around about it on the web right now.  I have a few questions.  Starting with, why did you decide to hack into your own insulin pump?"


"I'm a professional security researcher.  I'm curious - I want to find out how things work," Jay said.  "I saw a presentation two years ago on parking meter hacking, and I was really inspired by that.  It prompted me to talk to my co-worker with type 1 and said, 'We should try that.'  I'm wearing these devices every day, and I wanted to find out how secure these things are."


"So you took your own pump, and your own continuous glucose monitor, and hacked it to bits, literally and figuratively?"


"Hacking isn't what people often think it is.  It's not about breaking into things or being malicious.  Hacking is making something do something it's not supposed to do, or not intended to do.  Like the guys on Mythbusters do," Jay said.  "And vendors need to know about these vulnerabilities. Is it deterring from actual diabetes cure research?  I don't think so, but if it is, people can't be mad at me for bringing the issue up.  If you want your insulin pumps to be safer, I have to do this.  I'm sorry if it makes people upset, but I'm doing this as ethically as possible.  I didn't disclose the brand of device that I wear, and I kept the company protected to the best of my ability."



This makes sense, but I ran a quick Google search before getting on the phone with Jay, and I saw all kinds of articles making it sound like people with insulin pumps were the next targets for technological terrorism, and people within the diabetes community were upset because this kind of security breach potential could perhaps cause the already-slow FDA to cease diabetes device approvals in their tracks.  To me, as an Animas pumper who is waiting impatiently for the Vibe to be approved, I was not soothed.


"Are you concerned that you may have given the FDA another reason to hit pause on some device approvals?"  I asked him.  

"I am concerned.  Aren't you concerned about the fact that the FDA doesn't have any guidelines around wireless transmissions?  Don't blame the FDA's crappy process and make things less secure because you want something better.  Make it comprehensive and make it better, don't just move fast to get it on the market."


"I get that, but I’m not at all worried about someone hacking into my diabetes devices.  Jay, do you really think people with diabetes are targets of some kind?  And don't you wonder if, by bringing this issue up in such a public and pretty sensationalist way, that you're planting the idea into people's heads?" 

Jay is unflagging in support of his research.  "I've presented it on stage, and showed over five thousand hackers how to do it.  I suspended my own insulin pump, and I did it remotely.  And yet I'm still wearing my pump, and I am not afraid to wear my pump.  My hope is that other people will pick up the idea and work on it, and that the ethical and professional people will do more research and help make things secure."

"But do you really have to show the insulin pumper with X's over their eyes and the evil, pump-suspending guy lurking in the background?"

(I can't help it:  I respect the views of my fellow PWDs, but that doesn't mean I'm not frustrated when people sensationalize diabetes.  It's the same viewpoint I have when people want to use images of chainsaws when they are informing people about the very real risks of diabetes-related amputations.  I'm just not into that kind of press for diabetes.  I don’t agree with sensationalist journalism, so I don’t agree with the method that Jay chose to present his information. While I get the whole “sex sells, so you have to keep it sexy” ideology, his choice to present this security issue as though it was a secret agent plot isn’t something I agree with at all.  Similarly, I’m annoyed that the mainstream media is making it sound like diabetics wearing pumps are ticking targets.  This is the information about diabetes that makes the front page?  Societal fail.)

Fellow PWD and tech blogger, Scott Hanselman, summed it up nicely:  “I appreciate the message that Jerome is trying to get out there. Wireless medical devices need to be designed with security in mind. I don't appreciate blogs and "news" organizations inaccurately scaring folks into thinking this is a credible threat.”

"In security research, you have to bring home the point,” said Jay.  “The technical details can be boring, but a presentation at a conference like this can't be.  You need to show the most dramatic asset to keep people's attention and to make them care.  In this instance, the insulin pump is hackable.  I can suspend your pump.  And that can have serious consequences.  I'm not trying to hurt my fellow people with diabetes.  Instead, I'm trying my best to protect them.”  

As a pump wearer myself, and a continuous glucose monitor wearer, I’m not concerned about being hacked.  I’ll sleep fine tonight … until I see the sensationalist headlines of tomorrow.  And that’s when I might need a bolus of serenity. 

Comments

I think the sensationalism is senseless. The real risk in my mind is that, as you point out, it gives the FDA one more thing to be slow about.

I don't see the mass media hype as really being about hacking. To me, it is just another way of that mass media demonstrating its ignorance of diabetes, the reality of type 1 care and the real risk families face.

Sadly ignorance and perpetuating it seems to be a staple of mass media. From tabloid celebrity driven journalism, to simplistic solutions to complex societal issues, stupid seems to sell.

So now we deal with the hacking hacks as well as the food police. Neither really matter. We still have our community and that community is strong enough to be able to respond to a round of hackergate.

Maybe we can use our collective strength to talk about what really matters. Have our voices be the ones the FDA hears.

As for what really matters - what are we going to call people who wear Vibes once it comes to market? Maybe we can get some mass media press if we use the term Viberators.

http://www.ydmv.net/2011/08/pump-hacking-and-what-really-matters.html

LY/MI

I would venture to say that anyone who has looked at several different brands of pumps knows what brand of pump is in his video, even though he covers it with tape around the screen.

My biggest concern about this is that the FDA will take even longer to approve the Vibe. My son J is also an Animas pumper and I'm eagerly waiting for the Vibe to be approved here.

I'm not sure about this one... reading the news coverage and the tech-specific articles that have been written, they are all pretty straightforward in that they say this is Jay's research and are basically recapping what he's presented. The Fox story presents more than one side, talking to the FDA and delving into other research issues on this hacking topic. To me, it doesn't read as sensational. However, like you Kerri, I do take some issue with how Jay presented this - but even on that I'm a little conflicted and see it both ways. Regardless, I think it's important to highlight this issue and how it's being portrayed and make sure the patient-community can get a voice to the medical device makers that we trust them to handle this, and the FDA that this isn't what they should be worrying about. Thanks for posting this, Kerri.

Sent this cheery article by my father also. Don't our parents and their CWD have enough to worry about?

The only thing that worries me about what Radcliffe did was his ability to interfere with the transmission of the CGM data from his sensor to the receiver. While I'm not worried about someone maliciously hacking into this system and altering these readouts, I AM worried about the issue of interference (i.e., other wireless transmissions interfering with the CGM data sent to the pump, especially in the context of the APP). I think that the one value of Radcliffe's work is possibly uncovering more realistic weaknesses in this system. While I want an APP more than anyone, I also want it to be SAFE.

The fact that Jay titled his seminar, "Hacking Insulin Pumps for Fun & Insulin," tells me all I need to know.

He was thinking about headlines, not safety, and certainly not the FDA. Not surprised he didn't flinch, but glad you called him on it, Kerri.

Ugh, this is tricky. The general population is clueless about Type 1 as it is, and with that Fox News article, it'll only make it worse, not better. I completely understand and appreciate Jay's point of view on getting this out there, but why not go to the insulin pump manufacturer directly instead of presenting it to the public at a huge conference?

I don’t like to see people provide instructions for mayhem but if a device is hackable, I’d rather make choices knowing that than being ignorant. Any device that has a little brain can probably be subverted by a hacker but it does not mean that those devices will not come to market, it means manufacturers have to work harder to make them less vulnerable to attack and Radcliffe’s attack on his own pump may enlighten manufacturers. I don’t think it matters what brand he uses, I would imagine they are all similarly vulnerable.

Okay, I've been thinking about this all day, and haven't gotten really pissed.

I KNOW that I can't be killed, but one of my students could be put in a really bad position. Remember I teach CS, and I have really clever students. One hacked into the wireless system at McDonald's back in the 90s and got in trouble with the FBI. Another came to my class after getting in trouble at a private school and invading their system.

What's stopping one of this year's kids from using really poor judgement and following the directions, really hurting themselves in the process?

Yes, most of the diabetics wearing this pump are like you, living somewhat private lives. However, I've already had to contact Google Maps and get my neighborhood put in a black hole.

BUT, I love the convenience, but now, the information is out there. Do I turn off the wireless?

As a non-diabetic, I look at Jay's research as having large implications beyond the diabetic market. Glucose management has been one of the earliest benefactors of wireless healthcare technology. The fact is that wireless insulin pumps are just the start of where this industry is headed. The technology has been around for a while, but the policies were not in place to ensure the privacy, security, and health of patients who wanted to use it. The FDA now thinks that they are ready to usher in this new era, but Jay's work proves that device security has not been fully addressed.

Think beyond the insulin pump. Wireless medical devices are on the horizon, and it is CRITICAL that the infrastructure is in place to ensure the safety and privacy of the people using them. Sure, Jay could have gone to the manufacturer directly and resolved the problem with them. But that doesn't solve the larger problem of deficiencies in the approval/vetting process, which is only going to have a larger negative impact as time goes on. And if making these devices more secure requires longer approval times because of a more intensive vetting process, is that really a bad thing? Ideally, you want the perfect device here and now, but Jay's research proves that we are not there yet.

Thanks so much for bringing Jay's voice more directly into the conversation. Well done!

Very good article. I am also a diabetic using a pump and trying to get more details on the hack as I will contact my pump vendor and work with my state senator to explore the options of amending existing bills on hacking medical devices such as insulin pumps.

Okay.

First off, did Jay call Medtronic, or did he call Minimed? Medtronic has SFA to do with the design and manufacture of the pump. He should have gotten in touch with Minimed in Northridge.

Second, he says "[the] insulin pump is hackable. I can suspend your pump." Yeah, at which point it beeps and buzzes and generally freaks out. After twenty years of having a pump, my entire nervous system is keyed to the noises it makes. The chance I won't notice it suddenly going on "suspend" is effectively zero.

...and that's assuming I'm using the wireless features of the pump at all, which I'm not.

There is now a specific frequency allocation for implantable device communication (MICS band).
I was the person representing the medical device companies to the EU communication authorities. While drafting the standard, the authorities insisted that wording should be added regarding the unsafety of wireless communication, and it was up to the device manufacturers to prevent harm in case the communication was compromised.

This isn't the first time I've seen Medtronic and compromised device in the same article. This means one of two things:

1) FDA hasn't made this an issue that affects certification. US gov has capabilities to test devices like this ... and should use them.

2) ISV who developed security system didn't follow Medtronic policies.
