Researchers Mount Cyberattacks Against Surgery Robot
An anonymous reader writes: A group of researchers from the University of Washington have tested the security of a teleoperated robotic surgery system created by their colleagues, and have found it severely lacking. "Teleoperated surgical robots will be expected to use a combination of existing publicly available networks and temporary ad-hoc wireless and satellite networks to send video, audio and other sensory information between surgeons and remote robots. It is envisioned these systems will be used to provide immediate medical relief in under-developed rural terrains, areas of natural and human-caused disasters, and in battlefield scenarios," the researchers noted, and asked: "But what if these robotic systems are attacked and compromised?"
never underestimate (Score:2)
never underestimate people's capacity to be mind-glowingly evil...
it seems they have this thought in mind
Re: (Score:2)
*blowingly
Re: (Score:2)
*blowingly
I liked it better the other way...
That's him officer, the guy with the head that looks like a cheap LED candle! Be careful, he's very evil...
Re: never underestimate (Score:2)
Also accepted:
*slowingly
*plowingly
*flowingly
*loweringly
*gloatingly
*glaringly
*Cowboy Neal
Re: (Score:2)
never underestimate people's capacity to be mind-glowingly evil... it seems they have this thought in mind
Or overestimate the risk. Just think how many easy ways there are to rig something or randomly poison something and do great harm to people, yet it rarely happens the 'sneaky' way. More often someone will blatantly cause harm to others and often themselves as well. I think for many the risk of getting caught doing something that evil via hacking is likely a deterrent as well. It certainly would bring pretty harsh penalties.
I'm not saying we shouldn't take reasonable steps to prevent these risks, just
Re: (Score:2)
But to commit intentional murder or violence in a conventional way (usually) requires you to be present in the jurisdiction where the crime occurred, so at least in this new arena, it's entirely conceivable that an "attacker" (literally) could cause bodily injury, even death, without setting foot into any jurisdiction where they have the "risk" of being apprehended or even extradited. ... that is, if you can even determine who the attacker was, or even if you can distinguish that there was a malicious actor
Re: (Score:2)
The old saying of, "Never automatically credit to malevolence when stupidity or ignorance is equally likely." If you can disable or misdirect the tool on purpose, it's likely that it can also be done by accident. In its day having your web site SlashDotted could be more destructive than an organized DOS attack, more than one web server was brought to its knees by being linked to in a SlashDot thread.
Re: (Score:2)
The evil I refer to is the idea of taking pains to commit random, motiveless murder of a helpless innocent victim for no reason other than to do it.
Most murders have a highly relevant and particular motive to the murderer. Even terrorism has a motive, but to achieve that motive it must have a broad reach. Hacking a medical connection to kill one person won't achieve that.
Yet surely, someone would do it just to prove they can.
You might say a terrorist would want to do it many times over because that would be
Re: (Score:2)
They get a dangerous and unnecessary surgery of their very own...
via dialup...
with no firewall...
using a system running Windows ME...
That last one might be a step too far. (damn, I ran out of ellipsis!)
Dick Cheney... (Score:2)
Re: (Score:1)
Re: (Score:2)
Which is worse for a patient with a condition that is typically not fatal and for which on-site surgery has a known risk of fatality:
* Sorry, you'll have to wait for a doctor who may never come
* We'll give you remote surgery but there's a chance someone will hack the system in a way that could kill you, plus there is still the normal risk you will never wake up from the anesthesia
Re: (Score:2)
Re: (Score:2)
The exact same thing will happen if they do not provide the service to undeveloped areas, the patient suffers and possibly dies. Any effort to do something is better than doing nothing despite the risks involved.
Sure, but there's a few more options than doing this and doing nothing. For example, if the connection is so unreliable would you rather have someone on-site try doing it under audio/video/photo/sketch/text guidance and if the connection breaks down he'll just have to wing it or do you really want a remotely operated robot that'll leave you stranded when the connection fails. Not to mention the latter is harsh, but maybe needed on-the-job training. And if you want remotely operated robots, well you need som
Re: (Score:3)
Yes. The entire thesis of the researchers is more than a little bizarre:
A crucial bottleneck that prevents life-saving surgery being performed in many parts of the world is the lack of trained surgeons. One way to get around this is to make better use of the ones that are available.
No, these machines are going to be used in 'first world' situations in order to help surgeons perform difficult tasks. The idea that someone is going to send a highly complex robot out into the total boonies is pretty far fetched. Surgery is much more than the surgeon. It's the scrub and circulator nurses. It is the sterile OR and equipment. It is anesthesia and pre op and post op nursing. This machine will do little to help with
Re: (Score:2)
No, these machines are going to be used in 'first world' situations in order to help surgeons perform difficult tasks.
No, they'll be used in first world, but the operator sits in an Indian surgery center fixing your heart valve for $10 per hour.
Re: (Score:2)
It depends on the cost of these things. If each robot is a gazillion dollars then yes, you're right, they'll only be used in the first world. If the price is intermediate then they may well be mounted in military helicopters and mobile facilities to do battlefield surgery beyond the capability of the corpsmen. If they are cheap (comparatively) then they will be widely deployed, never mind the network and security issues, in the Third World. In Peru, which I am most familiar with, the top surgeons tend t
Re: (Score:2)
But if you lived in Machu Picchu and needed heart surgery, it would be extremely unlikely that anyone would truck the machine up there. Because you also need a bypass machine. And a damned good anesthesiologist (who probably lives with the other docs in the big city) and the nurses and the dacron grafts and the special sutures and the ventilators and the vent techs and so forth and so on.
So having the smart machine doesn't help you over much. Even for battlefield medicine, I don't think surgical robots
No excuse for this (Score:3, Interesting)
You can't completely prevent your communication going down due to malice, accident, or acts of nature. When those fail you have to have a backup plan such as going into a failsafe mode.
BUT You can and must detect interference and either correct for it or treat it like a total communications failure. There is no excuse for being fooled into taking instructions from an unauthorized party (well, unless the instruction is "you think I'm hacking your communications but I'm really doing a side-channel attack to trick you into doing what you normally do when you lose communications, now obey me and do what you normally do when your communications are hosed, thank you.").
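An added example, not part of the original thread or of the researchers' system: a minimal robot-side command receiver that does what the comment above asks for. It authenticates each command, drops replayed frames, and latches into a failsafe state on a forged frame or a silent link. The names `seal`, `Receiver`, the key and the timeout value are hypothetical.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"  # constructed sample; assumes a pre-shared session key
TAG_LEN = 32                   # HMAC-SHA256 output size


def seal(key, seq, payload):
    """Surgeon side: prefix a 64-bit sequence number, append an HMAC tag."""
    body = struct.pack(">Q", seq) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Receiver:
    """Robot side: accept only fresh, authentic commands; otherwise fail safe."""

    def __init__(self, key, start, timeout=0.5):  # timeout in seconds, assumed value
        self.key, self.timeout = key, timeout
        self.last_seq, self.last_ok, self.failsafe = 0, start, False

    def _trip(self):
        self.failsafe = True  # latched: only an on-site reset would clear it
        return None

    def handle(self, frame, now):
        """Return the payload if the command is accepted, else None."""
        if self.failsafe:
            return None
        if now - self.last_ok > self.timeout:       # link silent too long
            return self._trip()
        if len(frame) < 8 + TAG_LEN:                # too short to be a valid frame
            return self._trip()
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # tampered or unauthorized
            return self._trip()
        seq = struct.unpack(">Q", body[:8])[0]
        if seq <= self.last_seq:                    # replayed or duplicated frame
            return None                             # drop it, keep operating
        self.last_seq, self.last_ok = seq, now
        return body[8:]
```

A forged frame here still forces the failsafe state, so this design trades hijacking for denial of service, the less severe outcome discussed in the DoS subthread.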
Re: (Score:2)
What does that have to do with anything? If someone on-site is compromised, they don't need to compromise the sophisticated surgical robot to kill the patient, there's plenty of other ways to do the same job.
The risk now is that some script kiddie half way around the world (or a neighbor with an ax to grind) takes control of the robot midway through the operation and implements "blender mode". Rather than worrying about the handful of professionals on-site, now you have to worry that anyone, anywhere on E
Re: (Score:1)
Grandparent:
Something about if they have physical access means you won't have any security anyway
Parent:
What does that have to do with anything? If someone on-site is compromised,
Actually, the grandparent has a point: Someone with physical access to the robot prior to the surgery could replace or reprogram the robot. Someone with physical access to a machine "inside" the hospital's network (or for that matter, the network of the hospital where the human driving the robot is at) might be able to remotely-control the robot in ways that someone "outside" the network wouldn't be able to do if there was a site-to-site secure VPN but no machine-to-machine secure commu
DoS (Score:2)
Even with a secure link it's possible to overload the network with a denial of service attack.
Re: (Score:3)
Sure - but the implications of the robot going "dead" halfway through a surgery are much less severe than someone suddenly hijacking the signal and switching to "blender mode". A dead 'bot is still a problem, but you probably have on-site staff capable of at least attempting to stabilize the patient.
Re: (Score:2)
Sure, but a DoS attack is much easier to perform, much harder to resist, and can be continued for a long time. If you're halfway during a transplant, you can't really afford to wait.
As for the rest of the stuff, you could simply run the connection through a VPN. That's probably smarter than trying to reinvent security protocols.
Cart before the horse? (Score:2)
Great that they are thinking about security on the device long before they are implemented... but, I would think that it would be way more important to think about the connection these things are communicating over first...
Seems to me that battlefield and rural areas would have the least reliable network connection possible. I would think that the bar would need to be raised in this area before SURGERY could be accomplished.
Re: (Score:2)
Depends... if somebody's critically wounded on the battlefield, and there's no local surgeon available, an 80% chance of a successful remote surgery is better than none.
Re: (Score:2)
Well, you probably have a local surgeon who could attempt the operation - the robot simply allows a specialist to do the job instead. If the datalink drops out the local surgeon can take over - it may drop the patient's recovery chances considerably, but nothing compared to having a scalpel-wielding robot suddenly go berserk on their innards.
Also, did you miss the part where they said satellite links are one of the options? Probably the ONLY real option in the aftermath of a major natural disaster. And ba
Laggy (Score:2)
Re: (Score:2)
You can now literally be hacked.
Dear Doctors and Hospitals.... (Score:2)
Pay for real IT security staff. $250,000 a year each is a starting wage for Good ones. Until you do so you will have problems.
WE need to stop with this bullshit of trying to get security without paying for it. Tell these morons, DUH! you refuse to pay for it. until they understand.
Re: (Score:1)
Medical Pod 720i (Score:2)
The attack will come from within.
Re: (Score:1)
Sorry, we thought you said you needed a craneotomy, not an appendectomy!
A crappendectomy?
TeleAssassination? (Score:1)
Stop the insanity! (Score:1)
Underkill. (Score:2)
Something to seriously consider for remote surgery (Score:1)
As an example, it's very hard to get any MDs or nurses in some of the emptier remote parts of WA, BC, and ID, and at times, even if you could drive it, it's 50-100 miles to the nearest hospital over mountain passes with a heck of a lot of snow where I grew up. Some days the highway won't reopen for a week.
So something like this is way more important than you might realize.
Links aren't that fragile in many of these remote areas, as a lot of our power generation is going on there, so you can piggyback on the
Re: (Score:2)
And again. It's not just the doctor that you can't get in rural areas. It's the nurse, the anesthetist, the OR tech, the OR, the pieces parts, the blood bank, the ventilator, etc. Surgery is a whole package. It is much safer to get the patient out to an institution that does the procedure on a regular basis than to try to hack through a treatment that the staff hasn't done in a year. Not everything goes right. Sometimes you want another specialist to help when surgical misadventures arise. Until the
Re: (Score:1)
Actually, the UW surgical robot is the one you see in the space training sequences of certain SF movies. Ender's Game specifically.
It actually exists.
Look where and when they plan to use it (Score:2)
Look at where and when they plan to use these. It sounds like they intend them for situations where a live doctor is not available. If they use it in 10 emergencies, 1/2 of the time it is successful and 1/2 of the time it is hacked then that's 5 lives saved that would have died and 5 lost that would have died anyway.
Don't get me wrong, these things should be secured and the goal should be to save all 10. But.. no use letting the 5 lucky ones die just because it isn't ready yet!