Security flaws revealed in teleoperated surgical robots

MIT Technology Review : Teleoperated surgical robots allow highly skilled surgeons to operate remotely on patients that they would not otherwise be able to reach easily. The number of such robots is growing every year. Although there have been no recorded incidents in which machines malfunctioned because of problems with the fiber-optic networks connecting the surgeon to the machine, Tamara Bonaci of the University of Washington in Seattle and her colleagues have now demonstrated a variety of potential security vulnerabilities. They attempted to hack a surgical robot system, developed at the University of Washington, that makes use of public, unencrypted communication systems. In their attacks, they were able to disrupt the signals transmitted by the user, which affected the robot’s movements either subtly or significantly. They were also able to trigger the robot’s built-in stop functionality, designed to prevent dangerous movements, in such a way that they could completely prevent the robot from being available for use. Bonaci’s team then applied encryption to the robot’s communication system. Although the encryption reduced the effectiveness of several of the attacks, it was not foolproof against all hacks.