A Detailed Analysis of Pacemaker Ecosystem’s Failed Security Checkup

The pacemaker itself is not a new piece of technology. Interfacing it with a network – including the publicly accessible Internet – is a relatively new concept and opens the door to potentially life-threatening security vulnerabilities. Recently, the newly developed Pacemaker Ecosystem, the technology framework for connecting next-gen Pacemakers to the Internet of Things (IoT), failed its cyber security check-up.

IoT Brings Major Security Challenges

The very concept behind the Internet of Things highlights the convenience of connecting devices across a public-facing Internet connection. The benefits of IoT connectivity are myriad. An IoT-enabled Pacemaker allows medical professionals to remotely monitor Pacemaker users, 24/7.

Potentially, the same healthcare professionals could remotely reconfigure a Pacemaker as well. But what happens if somebody other than the authorized healthcare specialist, without the necessary knowledge and expertise to manage a pacemaker, gains access to the IoT healthcare device? The implications of this are terrifying.

Transparency is a Potential Security Vulnerability

The Pacemaker Ecosystem failed its cyber security test due to the potential security vulnerabilities found within the integrated set of technologies that constitute the overall platform infrastructure.

Because of the open nature of IoT security protocols, it is possible to learn very quickly how the Pacemaker Ecosystem handles security. Since the platform uses standardized cryptography methods, finding security vulnerabilities is far easier than finding them in proprietary cryptography methods.

Incorporating off-the-shelf, potentially vulnerable cryptography technology into a healthcare IoT device platform is not necessarily a great idea either. Many vendors of open technologies have a less-than-stellar reputation for promptly addressing security vulnerabilities.

Robust Cryptography is Necessary for Healthcare IoT Devices

Infrastructure security loopholes aside, the Pacemaker Ecosystem has been criticised for failing to leverage adequate encryption for data security.

Whilst governments around the world are moving toward restricting the strength of consumer-grade encryption in favor of national security, there can be no valid reason for vendors not to apply strong encryption to data and networks involved in maintaining a patient’s cardiac functionality.

However, the Pacemaker Ecosystem failed to use top-grade encryption and, furthermore, can potentially leak unencrypted data due to security vulnerabilities introduced by the third-party vendor technologies involved.

Multiple Points of Failure

The security testing and subsequent failure of the Pacemaker Ecosystem was dramatic due to the sheer volume of potential security vulnerabilities uncovered. Across the entire software platform, over 8,000 potential security vulnerabilities were found in standard library functions alone. It was also found that certain private patient data was being stored in an entirely unencrypted fashion.

Although the concept of IoT-enabled medical devices promises great value propositions, the road to developing secure and reliable devices is going to be a long one, with many challenges to overcome. As such, strong encryption is, at the very least, a fundamental security requirement.

United Airlines Security Breaks at its Weakest Point: The Human Element

United Airlines seems to be lurching from one bad PR story to another. This time, a United Airlines flight attendant accidentally posted the keypad access codes for airplane cockpit doors on a public website. The Wall Street Journal revealed the story, but did not identify the website or online forum where the codes were posted. Based on the available information, it appears the code leak was unintentional – pilots and flight attendants regularly use online forums such as Facebook groups for general discussion. This time, however, one flight attendant took the discussions a bit too far.

This was a significant breach of security without a hacker in sight. Just another case of the biggest security risk and the weakest link in the security chain – the human element.

Airlines have maintained strict access control to the flight deck ever since 9/11. The keypad code alone would not necessarily grant access. The captain must also visually validate the person requesting access and only then unlock the door. Using the correct keypad codes does not entitle anyone to enter the flight deck. Access can be declined by the captain. United moved immediately to change all their cockpit door access codes and avoid the possibility of exploitation.

This story highlights the importance of staff training in the chain of ownership and control of security information, as well as regular training and refresher courses.

How significant is the human element in security procedures?

The alarming fact is that the human element contributed to 95% of all security incidents recorded globally by IBM in their Security Services 2014 Cyber Security Intelligence Index. The most common failures are opening unsafe email attachments, clicking on an unsafe website link, weak and easily identifiable passwords, losing laptops and mobile devices, not keeping software up to date or applying security patches, and so on. Humans quickly become blasé and bored by routine, losing sight of the rationale for maintaining alertness and sticking religiously to security procedures.

There is also an element of laziness, forgetfulness and the “it can’t happen to me” syndrome.

Planning for the human element in security defenses

Humans design the assets and facilities that security systems protect. They then design the security defenses around those assets, which are then used by humans. Humans make mistakes all the time, and this critical characteristic needs to be addressed by security design, implementation and training.

The most effective remedy is frequent and relevant refresher training. Frequent and very short bursts that focus on a particular aspect of security work best and are least disruptive. The more dramatic and memorable they can be made, the better. The objective is to ensure, as much as is possible, that the subject remembers this training at the point where it is needed. For example, when entering a door keypad access code, ensure that nobody can see the code being entered. It is the simple routine things that humans fail at, as time goes by.

The role of government in protecting human lives

The United Nations Human Security in Theory and Practice covers a much wider scope of what constitutes security, of course. However, it does acknowledge that “human security threats cannot be tackled through conventional mechanisms alone”. Governments have a duty to protect their citizens. While national security, anti-terrorism and highly visible security measures such as airport security screening are vital components, so is the education of the man and woman in the street. In wartime, the slogan was “Careless talk costs lives”. While not as dramatic, carelessness is the biggest threat to security defenses of all types and at all levels.

Governments can do more to raise public awareness of the need to maintain a simple but effective level of vigilance. Human security failings that lead to breaches cost money, reduce consumer confidence in technology, and are an attack vector for foreign and criminal hostiles. National security starts at home.