Tag Archive: hacking


Jack, who became famous after demonstrating an ATM hack, died on Thursday – but coroners did not give details

Barnaby Jack, a hacker who was due to present his findings on the security vulnerabilities of implanted medical devices, has died.

The San Francisco medical examiner’s office said Jack, 35, died in the city on Thursday – but did not provide details on the circumstances surrounding his death.

Jack had exposed a security flaw in insulin pumps that could be made to dispense a fatal dose by a hacker 300ft away, pushing some medical companies to review the security of these devices.

He was also a popular and respected figure in the information security scene. Within that small scene, reverse engineers are especially close, said Matthieu Suiche, a friend of Jack’s and chief scientist at CloudVolumes Inc in an email. “We pretty much all know each other, or have lots of common friends,” Suiche said. “It’s almost like we all grew up together.”

He added: “There isn’t much to say except that Barnaby was one of the rare people in InfoSec who was a brilliant researcher but also a good friend to many of us.”

Suiche met Jack at the Black Hat conference a few years ago and said they had been really good friends since. He said he had drinks with Jack and his girlfriend in San Francisco just over a week ago.

He called his friend “brilliant”, and said Jack’s latest research on medical devices could help save the lives of many people. “In this world full of people fearfully complying and worrying, very few people are crazy enough to challenge the rules, to approach life in an unconventional paradigm and to speak up to contribute to change this world,” Suiche said.

Jack was due to speak at the Black Hat conference, which starts Saturday in Las Vegas. His presentation, “Implantable medical devices: hacking humans,” would have explained how these devices could be compromised and would have suggested ways to improve device security.

Black Hat said the room his discussion was meant to take place will instead be used as a place for his friends and colleagues to gather and remember him on 1 August, when the session was set to take place.

Black Hat said in a statement:

We have lost a member of our family. Everyone would agree that the life and work of Barnaby Jack are legendary and irreplaceable. Barnaby had the ability to take complex technology and intricate research and make it tangible and accessible for everyone to learn and grow from. Beyond his work in our industry, Barnaby was an incredibly warm hearted and welcoming individual with a passion for celebrating life. We all have a hilarious and upbeat story about Barnaby. He is truly a shining example of what we love about this community.

Black Hat will not be replacing Barnaby’s talk on Thursday, Aug. 1. No one could possibly replace him, nor would we want them to. The community needs time to process this loss. The hour will be left vacant as a time to commemorate his life and work, and we welcome our attendees to come and share in what we hope to be a celebration of his life. Barnaby Jack meant so much to so many people, and we hope this forum will offer an opportunity for us all to recognize the legacy that he leaves behind.

Our deepest sympathies go out to Barnaby Jack’s family and loved ones. Words cannot adequately describe how much he will be missed, but it is certain that Barnaby will NEVER be forgotten.

At the time of his death, Jack was director of embedded security research at security firm IOActive. On Twitter, the company said: “Lost but never forgotten our beloved pirate, Barnaby Jack has passed. He was a master hacker and dear friend. Here’s to you Barnes!”

Cyber attack

During Hewlett Packard’s Discover event held in Frankfurt, Germany, the company let slip that the US Navy is getting hit by 110,000 cyber attacks per hour, or about 30 attacks every second. At the event, Mike Nefkens, head of enterprise services at HP, said, “For the US Navy we provide the network for 800,000 men and woman [sic] in 2,000 locations around the world, protecting them against 110,000 cyber attacks every hour.” He most likely made the statement in an attempt to boast about HP’s capabilities, but rather, revealed the constant threat from cyber attacks the US Navy faces.

Hewlett Packard has this information because they signed a $3.3 billion deal back in 2010 to manage the Navy Marine Corps Intranet, as well as the Navy’s move to a Next Generation Enterprise Network.

The sheer number of attacks are staggering any which way you look at it. If that 110,000 attacks per hour figure doesn’t sound too impressive, what about 96.4 billion cyber attacks per year, or about 1,833 attacks per minute?

Back in 2011, the Pentagon ruled that cyber attacks originating from another country officially constitute an act of war, and can be responded to with standard military actions. This, of course, meant that the US could launch a military strike in retaliation to some kind of hack that threatened national security — you know, like 96.4 billion attacks against the US Navy. Granted, not all of those attacks might come from other nations, but the majority of them most likely don’t come from some kid in a basement having a laugh. If the attackers are aware of the Pentagon’s ruling, it goes to show how confident they must feel about the security of their identity.

via V3

%d bloggers like this: