The Trials of a Diabetic Hacker
Jay Radcliffe thought he was a force for good. Last year, the 34-year-old computer network security expert discovered that a best-selling insulin pump used by fellow diabetics is vulnerable to hacking. Tinkering with his own pump, Radcliffe noticed that its wireless connection opened a security hole that would allow an attacker to manipulate the amount of insulin pumped, potentially inducing a fatal reaction.
Radcliffe shared his findings at the popular Black Hat security conference in Las Vegas last August, convinced that the publicity would pressure manufacturers of medical devices to improve their security. Instead, the presentation, which was titled “Hacking Medical Devices for Fun and Insulin,” unleashed a tide of angry e-mails. Radcliffe, who has a day job at IBM (IBM), heard from parents terrified that he had given evildoers a blueprint to kill their children. Diabetics, worried that his research would slow the approval process for more secure pumps, also weighed in.
Victoria Cumbow, a blogger in Huntsville, Ala., says diabetics like herself experienced “a borderline betrayal feeling” when they heard of Radcliffe’s exploit. “We didn’t feel like he put the community first, and the defense mechanism went up,” she says.