Telesurgery Robot hacked

TelesurgeryAn der University of Washington in Seattle haben sie zum ersten mal einen Bot für Tele-Operationen gehackt (da ist ein riesiger Banner mitten im Text, is' aber trotzdem interessant). Die Teile sind seit Jahrzehnten in Einsatz, wahrscheinlich haben die Surgery-Robot-Anwälte demnächst mehr zu tun und das liest sich für mich als Security-Noob ziemlich haarsträubend:

The final category of attack is a hijacking that completely takes over the robot. This turns out to be relatively easy since the Interoperable Telesurgery Protocol is publicly available. “We effectively took control over the teleoperated procedure,” they say. They even worked out how to generate movements that triggered an automatic stop mechanism built in to the robot. This occurs when a movement takes the arms beyond some predefined distance or makes them move too quickly.

By constantly sending commands that triggered this mechanism, the team were able to carry out a kind of denial of service attack. “We are able to easily stop the robot from ever being properly reset, thus effectively making a surgical procedure impossible,” they say. And if this kind of cyberattack weren’t bad enough, the video connection was also publicly available allowing almost anybody to watch the operation in real time.

Technology Review: Security Experts Hack Teleoperated Surgical Robot

Hier nochmal das großartige Commercial von damals (kein Fake):