{"id":17576,"date":"2020-01-28T10:52:23","date_gmt":"2020-01-28T18:52:23","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2020\/01\/28\/news-11311\/"},"modified":"2020-01-28T10:52:23","modified_gmt":"2020-01-28T18:52:23","slug":"news-11311","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2020\/01\/28\/news-11311\/","title":{"rendered":"VB2019 paper: Medical IoT for diabetes and cybercrime"},"content":{"rendered":"

It is estimated that between 8% and 9% of the population worldwide suffers with some form of diabetes.<\/p>\n

People with type 1 diabetes typically have to measure their blood glucose levels several times a day and adjust their treatment according to the results. Traditionally, this has been done by means of the person pricking their finger to draw a drop of blood, from which the levels of glucose are measured. A relatively recent innovation that can help make this process less arduous \u2013 and less intrusive\u00a0\u2013 is an IoT device that automatically measures the levels of glucose in a person’s blood without the need for them to prick their finger.<\/p>\n

Clearly a welcome innovation for those affected by the disease, but are there any security risks?<\/p>\n

In a paper written for VB2019, Fortinet<\/em> researchers Axelle Apvrille and Aamir Lakhani asked: what threats are faced by diabetes sufferers who want to use medical IoT devices?<\/p>\n

\"threats-overview.png\"<\/p>\n

Privacy and security threats on a Flash Glucose Monitoring system.<\/p>\n

The researchers looked at potential threats from three different angles: the security and privacy the IoT devices themselves, the existence of diabetic-related pieces of malware, and the trading in patient records on the Darknet.\u00a0<\/p>\n

Today we publish the researchers’ paper in both HTML<\/a> and PDF<\/a> format, as well as the recording of the presentation given by Axelle in London.<\/p>\n

\u00a0<\/p>\n

\u00a0<\/p>\n