{"id":39446,"date":"2013-10-19T19:44:58","date_gmt":"2013-10-19T23:44:58","guid":{"rendered":"http:\/\/blogs.nejm.org\/cardioexchange\/?post_type=news&#038;p=39446"},"modified":"2013-10-19T19:44:58","modified_gmt":"2013-10-19T23:44:58","slug":"could-terrorists-have-hacked-dick-cheneys-icd","status":"publish","type":"post","link":"https:\/\/blogs.nejm.org\/cardioexchange\/2013\/10\/19\/could-terrorists-have-hacked-dick-cheneys-icd\/","title":{"rendered":"Was Dick Cheney&#8217;s ICD Vulnerable to Hacking?"},"content":{"rendered":"<p>It happened in\u00a0<em>Homeland<\/em>. Could it happen in real life?<\/p>\n<p>In <a href=\"http:\/\/www.cbsnews.com\/video\/watch\/?id=50157418n\">a\u00a0<em>60 Minutes<\/em>\u00a0segment<\/a>, Dick Cheney says that his doctors turned off the wireless function of his implanted cardioverter-defibrillator (ICD) &#8220;in case a terrorist tried to send his heart a fatal shock,&#8221;\u00a0<a href=\"http:\/\/www.washingtonpost.com\/entertainment\/tv\/cheney-had-heart-device-partially-disabled-to-prevent-a-terrorist-from-sending-a-fatal-shock\/2013\/10\/18\/ca6e2d7a-384d-11e3-89db-8002ba99b894_story.html\">according to the Associated Press<\/a>.<\/p>\n<blockquote><p>Years later, Cheney watched an episode of the Showtime series <em>Homeland,<\/em> in which such a scenario was part of the plot.<\/p>\n<p>\u201cI found it credible,\u201d Cheney tells <em>60 Minutes<\/em> in a segment to be aired Sunday. \u201cI know from the experience we had, and the necessity for adjusting my own device, that it was an accurate portrayal of what was possible.\u201d<\/p><\/blockquote>\n<p>I asked three experienced electrophysiologists &#8212; the cardiologists who implant ICDs &#8212; whether this was a realistic concern. The short answer is that this has never happened in the real world but that it&#8217;s impossible to rule out the possibility. So perhaps Cheney and his doctors weren&#8217;t paranoid, just excessively careful.<\/p>\n<p><a href=\"http:\/\/www.drjohnm.org\">John Mandrola<\/a>\u00a0is\u00a0a cardiac electrophysiologist practicing in Louisville, Kentucky:<\/p>\n<blockquote><p>The <em>Homeland<\/em> conclusion last year was fictional because right now at least, you cannot change programming of an ICD &#8216;remotely.&#8217; In that episode, terrorists deactivated the ICD, then induced VT\/VF. They did an EP study but didn&#8217;t bring the patient back. [<em>Editor&#8217;s note: During an EP study a patient&#8217;s heart is intentionally stopped and then restarted. This is a typical example of electrophysiology humor.<\/em>]<\/p>\n<p>&#8216;Remotely&#8217; is different than &#8216;wirelessly.&#8217; In the office, you can make wireless contact with an ICD once a wand is waved over it, and you stay in close contact &#8212; a few feet, I think.<\/p>\n<p>It&#8217;s probably not long before remote programming is possible. Then, such security may be an issue.<\/p><\/blockquote>\n<p><a href=\"http:\/\/ejsmdblog.wordpress.com\/\">Edward J Schloss<\/a>\u00a0is the Medical Director of Cardiac Electrophysiology at The Christ Hospital in Cincinnati, Ohio:<\/p>\n<blockquote><p>In order to reprogram a modern ICD, we need to place a telemetry wand directly over the device to establish communication. After that we can continue to to communicate with the device (including reprogramming) as long as we are in close proximity (~30 feet, I think). We can&#8217;t reprogram an ICD from a longer distance than that&#8230;.<\/p>\n<p>I am not intimately familiar with the mechanisms of ICD telemetry when it comes to hackery. I would not exclude the possibility that someone with a lot of resources and technical knowhow could develop a technique for remote reprogramming. I just know that with currently available hardware, I could not do it unless I was able to get in close proximity to the device.<\/p>\n<p>If I were the vice president, I would probably want to work with industry to minimize my risk.<\/p><\/blockquote>\n<p><a href=\"http:\/\/drwes.blogspot.com\">Westby Fisher<\/a>\u00a0practices at\u00a0NorthShore University HealthSystem in Evanston, IL \u00a0and is a Clinical Associate Professor of Medicine at the University of Chicago&#8217;s Pritzker School of Medicine:<\/p>\n<blockquote><p>Daniel Halperin with William Maisel, MD, and colleagues set out to hack a Medtronic ICD and did in\u00a0<a href=\"http:\/\/www.secure-medicine.org\/public\/publications\/icd-study.pdf\">a paper published in 2008 in IEEE<\/a>.<\/p>\n<p>They were within 4 inches of the device and reverse-engineered the telemetry protocol. Their point: data are not encoded. This since has been changed, but devices that once used electromagnetic coupling have been &#8220;upgraded&#8221; to radio waves in the medical frequency (400-405 MHz). Though no device has ever been hacked with the new technology to my knowledge, the new technology offers potential opportunities IF an electromagnetic handshake first weren&#8217;t required, like it is now.<\/p>\n<p>Cheney&#8217;s paranoia was a bit excessive, but then again, who knows in the world of espionage&#8230;<\/p><\/blockquote>\n<p>Here&#8217;s\u00a0<a href=\"http:\/\/blog.ioactive.com\/2013\/02\/broken-hearts-how-plausible-was.html\">a highly detailed blog post<\/a>\u00a0about the<em> Homeland<\/em> episode from the perspective of computer security experts.<\/p>\n<div><\/div>\n","protected":false},"excerpt":{"rendered":"<p>It happened in\u00a0Homeland. Could it happen in real life? In a\u00a060 Minutes\u00a0segment, Dick Cheney says that his doctors turned off the wireless function of his implanted cardioverter-defibrillator (ICD) &#8220;in case a terrorist tried to send his heart a fatal shock,&#8221;\u00a0according to the Associated Press. Years later, Cheney watched an episode of the Showtime series Homeland, [&hellip;]<\/p>\n","protected":false},"author":196,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[13,1],"tags":[2028,448,2029],"class_list":["post-39446","post","type-post","status-publish","format-standard","hentry","category-electrophysiology","category-general","tag-dick-cheney","tag-icds","tag-security"],"_links":{"self":[{"href":"https:\/\/blogs.nejm.org\/cardioexchange\/wp-json\/wp\/v2\/posts\/39446","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.nejm.org\/cardioexchange\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.nejm.org\/cardioexchange\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.nejm.org\/cardioexchange\/wp-json\/wp\/v2\/users\/196"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.nejm.org\/cardioexchange\/wp-json\/wp\/v2\/comments?post=39446"}],"version-history":[{"count":0,"href":"https:\/\/blogs.nejm.org\/cardioexchange\/wp-json\/wp\/v2\/posts\/39446\/revisions"}],"wp:attachment":[{"href":"https:\/\/blogs.nejm.org\/cardioexchange\/wp-json\/wp\/v2\/media?parent=39446"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.nejm.org\/cardioexchange\/wp-json\/wp\/v2\/categories?post=39446"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.nejm.org\/cardioexchange\/wp-json\/wp\/v2\/tags?post=39446"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}