Thursday, September 1, 2016

Hack the stock market

This is a pretty interesting attack:

The story so far

tl;dr: hackers drop 0day on medical device company hoping to profit by shorting their stock
That's almost a 10% drop in the share price.  Based on a Market Cap of $20B, that's a $2 Billion dollar move, all based on security vulnerabilities.  But I'll bet that there wasn't enough money at St. Jude for a proper security design.

I expect to see more of this.


SiGraybeard said...

The article on Errata Security is even more interesting. Folks should RTWT.

The pacemakers themselves can be hacked from 50' away? A small, autonomous SDR a few (<20) feet from a bedroom window can be a murder weapon?

Borepatch said...

Graybeard, it's a pretty ugly security issue. The company says it's not, but you can decide for yourself how much credibility that has.

Archer said...

And they can't patch the software without incurring FDA wrath and significant costs. They can't make any changes without having to resubmit for FDA testing and approval.

Which means the entire product line either stays broken or (pardon the term) dies.