David Gardner / London Daily Mail – 2013-08-01 14:25:21
http://www.dailymail.co.uk/news/article-2379009/Barnaby-Jack-dead-days-demonstrate-kill-fitted-pacemaker.html
Hacker Found Dead Just Days before He Was Due to Demonstrate How to Kill Someone Fitted with a Pacemaker at Conference
Barnaby Jack hacks an ATM at Black Hat. Video courtesy of Security Week.
SAN FRANCISCO (July 28, 2013) — Mystery surrounds the death of a celebrated computer hacker who claimed to know how to remotely kill someone fitted with a heart pacemaker – as happened in the fictional TV spy drama Homeland.
Barnaby Jack died in San Francisco on Thursday, just days before he was due to give a speech revealing how implanted heart devices were at risk from fatal hacking attacks.
The San Francisco Medical Examiner’s office confirmed the death last night but did not give any further details.
New Zealand-born Jack, 35, was scheduled to be one of the star guests at the Black Hat hacking convention in Las Vegas next week.
In a presentation called Hacking Humans, he was planning to highlight the shortcomings of commonly used pacemaker machines by demonstrating how he could hack into them and kill the heart patient from 50ft away with a deadly power surge triggered by a wireless transmitter.
An episode of the acclaimed US series Homeland, starring Damian Lewis and Claire Danes, showed a terrorist using a computer to hack into the Vice-President’s pacemaker and speed up his heartbeat until it kills him.
In Homeland, the killer needed the serial number of the pacemaker, but Jack argued that in real life it was even simpler and knowing the code was not necessary.
In a recent blog, he said: ‘The only implausible aspect of the hack was the range in which the attack was carried out.
‘The attacker would have had to be in the same building or have a transmitter set up closer to the target. With that said, the scenario was not too far-fetched.’
He said some pacemakers could be commanded to deliver a deadly 830-volt shock from someone on a laptop up to 50ft away, the result of poor software programming by medical device companies.
Jack claimed it was possible to infect the pacemaker companies’ servers with a bug that would spread through their system like a virus.
‘We are potentially looking at a worm with the ability to commit mass murder,’ he added. ‘It’s kind of scary.’
The possibility of such attacks is being taken so seriously by the US Food and Drug Administration (FDA) that it has asked manufacturers to ensure greater protection for newer pacemakers which use wireless technology.
Jack became one of the world’s most famous hackers after a 2010 demonstration of ‘Jackpotting’ – getting cash machines to spew out money.
At the time of his death, Jack was director of embedded-device security for Seattle information-security firm IOActive.
The company said in a tweet: ‘Lost but never forgotten, our beloved pirate, Barnaby Jack, has passed.’
Posted in accordance with Title 17, Section 107, US Code, for noncommercial, educational purposes.
