Conference logo

500.000 Recalled Pacemakers, 2 Billion $ Stock Value Loss - Tobias Zillner

camp19 - Security - 8/22/2019

During an independent security assessment of several pacemaker vendors multiple lethal and highly critical vulnerabilities were found. Based on previous experience with one specific vendor a new way of monetising vulnerabilities has been chosen. After going public a huge discussion on vulnerability disclosure ethics and responsibilities began. The stock value of the affected vendor dropped by 2 billion dollar just in one single day. The security researchers got discredited and a huge lawsuit was started. After a year of mutual accusations and denial more than 500.000 pacemakers got recalled. This talk will provide insights into pacemaker security and share first-hand experience gathered during this project. A special focus will also be on ethical vulnerability disclosure and lessons learned for future security research.

Share this talk:
https://c3stream.de/Info?guid=9b7f0485-2ff1-4302-b1b7-98cbc8b502f4