Is the NSA Interested in Pacemaker Data?

There at least appears to be some theoretical interest at the U.S. intelligence agency.

Qmed Staff

The NSA thinks data from medical devices such as pacemakers might be of some use, at least theoretically, according to Jenna McLaughlin at The Intercept, citing a talk NSA deputy director Richard Ledgett gave at Defense One Tech Summit 2016.

Ledgett, speaking June 10 at the Newseum in Washington, DC, reportedly described biomedical devices as a "maybe a niche kind of thing ... a tool in the toolbox."

As for the entire Internet of Things, Ledgett described it as both a security nightmare and an intelligence bonanza--with the complexity of IoT aiding the ability to penetrate systems and gather data.

The quotes raised some eyebrows on other media websites.

The Verge's Jacob Kastrenakes says it is "both wild and disconcerting to think that something as critical as a pacemaker could be monitored by a hacker."

Bitcoin enthusiast JP Buntinx writes on The Merkle: "It seems ludicrous to think a pacemaker would hold any valuable information to protect national security. Moreover, if the NSA can monitor these devices which determine between life and death, Internet criminals and hackers will find a way in as well. This would put a whole new spin on "hitmen hired over the Internet,' as a hacker could shut off a pacemaker remotely [in the worst case scenario]."

Could such hacking even be technologically possible, though? Koen Weijand, a medical device R&D consultant based in Spain, tells Qmed that pacemaker telemetry signals are so weak that one needs to be within 10 feet of the device to be able to communicate. "Many times the communication can only be initiated by a magnet or high power radio signal," Weijand said.

Still, alarms are increasingly being raised about how easy it is to hack into a medical device that transmits data. Forrester Research predicted last year that ransomware would increasingly be used to remotely take over implantables such as pacemakers, allowing hackers to extort money from the devices' users in return for keeping them alive.

Sure enough, hackers managed to bring down the medical devices and computing systems at Hollywood Presbyterian Medical Center in Los Angeles early this year. 

Chris Newmarker is senior editor of Qmed and MPMN. Follow him on Twitter at @newmarker.

Like what you're reading? Subscribe to our daily e-newsletter.