A widely used infusion pump can be remotely hijacked, say researchers

An infusion pump widely used in hospitals and medical facilities has critical security flaws that allow it to be remotely hijacked and controlled, according to security researchers.

Researchers at healthcare security firm CyberMDX found two vulnerabilities in the Alaris Gateway Workstation, developed by medical device maker Becton Dickinson.

Infusion pumps are one of the most common bits of kit in a hospital. These devices control the dispensing of intravenous fluids and medications, like painkillers or insulin. They’re often hooked up to a central monitoring station so medical staff can check on multiple patients at the same time.

But the researchers found that an attacker could install malicious firmware on a pump’s onboard computer, which powers, monitors and controls the infusion pumps. The pumps run on Windows CE, commonly used in pocket PCs before smartphones.

In the worst-case scenario, the researchers said it would be possible to adjust specific commands on the pump — including the infusion rate — on certain versions of the device by installing modified firmware.

The researchers said it was also possible to remotely brick the onboard computer, knocking the pump offline.

The bug was scored a rare maximum score of 10.0 on the industry standard common vulnerability scoring system, according to Homeland Security’s advisory. A second vulnerability, scored at a lesser 7.3 out of 10.0, could allow an attacker to gain access to the workstation’s monitoring and configuration interfaces through the web browser.

The researchers said creating an attack kit was “quite easy” and “worked consistently,” said Elad Luz, CyberMDX’s head of research, in an email to TechCrunch. But the attack chain is complex and requires multiple steps, access to the hospital network, knowledge of the workstation’s IP address and the capability to write custom malicious code.

In other words, there are far easier ways … Read the rest

Creative Destruction Lab’s second Super Session is an intense two-day startup testbed

Canadian startup program Creative Destruction Lab (CDL) escapes succinct description in some ways — it’s an accelerator, to be sure, and an incubator. Startups show up and present to a combined audience of investors, mentors, industry players (some of whom, like former astronaut Chris Hadfield, verge on celebrity status) — but it’s not a demo day, per se, and presentations happen in focused rooms with key, vertically aligned audience members who can provide much more than just funding to the startups that participate.

North founder Stephen Lake onstage at CDL’s Super Session 2019

Seven years into its existence, CDL really puts on a show for its cornerstone annual event (itself only two years old), and clearly shows the extent to which the program has scaled. From an inaugural cohort of just 25 startups with a focus on science, CDL has grown to the point where it’s graduating 150 startups spanning cohorts across six cities associated with multiple academic institutions. It has consistently added new areas of focus, including a space track this year, for which Hadfield is a key mentor, as is Anousheh Ansari, the first female private space tourist to pay her own way to the International Space Station and the co-founder and CEO of Prodea Systems.

The ‘Super’ in Super Session

This is the second so-called “Super Session” after the event’s debut in 2017. It includes roughly 850 attendees, made up of investors, mentors, industry sponsors and the graduating startups themselves. As CDL Fellow Chen Fong put it in his welcoming remarks, CDL’s Super Session is an opportune moment for networking, mentorship and demonstration of the companies the program has helped foster and grow.

A keynote track included talks by Ansari and Hadfield, as well as from Celmatix CEO and founder Piraye Beim, and a fireside chat with … Read the rest

Sequoia-backed Whole Biome wants to heal your gut with medical-grade probiotics

Whole Biome has pulled in $35 million in Series B financing from a list of investing titans, including Sequoia, Khosla, True Ventures, the Mayo Foundation and AME Ventues — just to name a few. The goal? To heal what ails you using microscopic bugs.

Medical science has caught on in the last few years about the importance of gut health using these bugs (also known as probiotics). Now startups are pitching in using venture money to come up with new and novel ideas.

“We’re at a unique point in time as the field of microbiome biology converges with enabling cutting-edge technologies and bioinformatics that will open up a whole new world of innovative health products,” said Colleen Cutcliffe, Whole Biome’s co-founder and chief executive officer.

Cutliffe, who hails from DNA sequencing company Pacific Biosciences, along with her partners Jim Bullard and John Eid, built a platform able to compute information from varying populations and compare microbiome sequencing to get a clear picture of what’s missing in a patient’s flora for overall health.

The next step is to use the raised funds to launch a product for the management of Type 2 Diabetes.

Many of the prescription diabetes medications out on the market today can come with a load of side effects like upset stomach, dizziness, rashes or inability to consume alcohol. However, Whole Biome says their product will not have any side effects.

Slated for release in early 2020, the startup has conducted double-blinded, placebo-controlled, randomized clinical trials for a product that releases special probiotics into your gut with the goal of reducing glucose spikes.

“Whole Biome is creating novel, disease-targeting microbiome interventions that have the potential to improve the course of many of the significant health issues facing people today,” said Sequoia partner Roelof Botha. “They have built an … Read the rest

Groupon co-founder Eric Lefkofsky just raised another $200 million for his newest company, Tempus

When serial entrepreneur Eric Lefkofsky grows a company, he puts the pedal to the metal. When in 2011 his last company, the Chicago-based coupons site Groupon, raised $950 million from investors, it was the largest amount raised by a startup ever. It was just over three years old at the time, and it went public later that same year.

Lefkofsky seems to be stealing a page from the same playbook for his newest company, Tempus. The Chicago-based genomic testing and data analysis company was founded a little more than three years ago, yet it has already hired nearly 700 employees and raised more than $500 million — including through a new $200 million round that values the company at $3.1 billion.

According to the Chicago Tribune, that new valuation makes it — as Groupon once was — one of Chicago’s most highly valued privately held companies.

So why all the fuss? As the Tribune explains it, Tempus has built a platform to collect, structure and analyze the clinical data that’s often unorganized in electronic medical record systems. The company also generates genomic data by sequencing patient DNA and other information in its lab.

The goal is to help doctors create customized treatments for each individual patient, Lefkofsky tells the paper.

So far, it has partnered with numerous cancer treatment centers that are apparently giving Tempus human data from which to learn. Tempus is also seemingly generating data “in vitro,” as is another company we featured recently called Insitro, a drug development startup founded by famed AI researcher Daphne Koller. With Insitro, it is working on a liver disease treatment owing to a tie-up with Gilead, which has amassed related human data over the years from which Insitro can use to learn. As a complementary data source, Insitro, like … Read the rest

Famed founder Daphne Koller tells it straight: “With most drugs, we do not understand why they work”

Daphne Koller doesn’t mind hard work. She joined Stanford University’s computer science department in 1995, spending the next 18 years there in a full-time capacity before cofounding the online education giant Coursera, where she spent the following four years and remained co-chairman until last month. Koller then spent a little less than two years at Alphabet’s longevity lab, Calico, as its first chief computing officer.

It was there that Koller was reminded of her passion for applying machine learning to improve human health. She was also reminded of what she doesn’t like, which is wasted effort, something that the drug development industry — slow to understand the power of computational methods for analyzing biological data sets — has been plagued by for years.

In fairness, those computational methods have also gotten a whole lot better more recently. Little wonder that last year, Koller spied the opportunity to start another company, a drug development company called Insitro that has since raised $100 million in Series A funding, including from GV, Andreessen Horowitz and Bezos Expeditions, among others. As notably, the company recently partnered with Gilead Sciences to find medicines to treat a liver disease called nonalcoholic steatohepatitis (NASH) because of all the related human data that Gilead has amassed over time.

Later, Insitro may target even bigger epidemics, including perhaps Alzheimer’s disease or Type 2 diabetes. Certainly, it has reason to feel optimistic about what it can accomplish. As Koller told a group of rapt attendees at an event hosted by this editor a few days ago, “We’re now at a moment in history where a confluence of technologies emerged all at around the same time allow really large and interesting and disease-relevant data sets to be produced in biology. In parallel, we see  . . . machine learning technologies … Read the rest