Barnaby Jack: Ethical hacker and expert on security for computers


Barnaby Jack, who has died aged 35, was an ethical hacker who had achieved renown for finding, exploiting and exposing flaws in computer security systems. At a conference in 2010 he famously demonstrated his attack on an automated teller machine (ATM), causing the cashpoint to spew out bank notes on demand. His method became known as "Jackpotting". As a "white hat" hacker he sought to publicly discuss and show defects in computer security so that they could be rectified before other, less unscrupulous, individuals took advantage of them. "Sometimes you have to demonstrate the darker side," he said of his rationale.

Jack was born in Auckland, New Zealand, and grew up with a fascination for computers of all kinds. At the age of 21 he emigrated to the US and joined the company Network Associates, specialising in computer security issues. He subsequently joined Juniper Networks, a manufacturer of networking hardware, in 2006.

In recent years he had developed a specific interest in what is known as "embedded" technology, the hardware and software which are built in to everyday objects around us, such as cars, banking systems, home appliances and medical devices. It was at the Black Hat security conference in July 2010 that he showed his best known hacking feat, after having experimented with two ATM machines he had bought online and installed at home. He recalled of the event: "I demonstrated two different attacks. One was a walk-up attack, where I would literally walk up to an ATM... Within about two minutes it would just start spitting out its entire dispenser. Of course you had to be at the ATM for that one to work."

Of the second presentation he said: "The other attack was completely remote, so I could do it from a laptop in a hotel room or your bedroom... But I also had it harvesting people's credit cards and PIN numbers, which I could then retrieve remotely as well. It was 100 per cent anonymous, and bypassing all authentication."

The following year, while working at McAfee, the virus protection and internet security company, he discovered a fault in computerised insulin pumps that could lead to them releasing lethal overdoses, with the potential to kill diabetics. "My purpose was not to allow anyone to be harmed by this because it is not easy to reproduce," he said in an interview last year, "but hopefully it will promote some change in these companies and get some meaningful security in these devices." The manufacturer promptly announced modifications to the devices to eliminate this potential risk.

Last October he became Director of Embedded Device Security at the company IOActive. It was in this new role that he had been due to present another dramatic attack, which would show flaws in the security of embedded heart pacemaker equipment. The idea had already been anticipated in fiction, in the television series Homeland, which had caused Jack to wonder whether it could be done in reality. He observed that "Malware will often slow down a computer, and when you slow down a medical device it no longer gives the integrity needed to perform as it should."

Jack's proposed technique would allow tampering with the pacemaker from a distance of up to nine metres, using wireless networking technology. He devised a method of logging on to the device without requiring any security and getting it to send a 830-volt jolt of electricity to the person in whom it is implanted. He had already warned of the possible consequences at a conference in Australia last year, saying "...the most obvious scenario would be a targeted attack against a high-profile individual."

He was found dead in a San Francisco apartment a week before the conference at which this technique would be demonstrated, where his talk was to have been entitled "Implantable Medical Devices: Hacking Humans". The initial reaction to his death from some was that this was a practical joke of some kind, organised by Jack himself. His former colleague Dan Kaminsky said via Twitter: "God, the stories. Nobody caused such hilarious trouble like @barnaby_jack"

The conference organisers said Barnaby's talk would not be replaced – "No one could possibly replace him, nor would we want them to. The community needs time to process this loss. The hour will be left vacant as a time to commemorate his life and work, and we welcome our attendees to come and share in what we hope to be a celebration of his life. Barnaby Jack meant so much to so many people, and we hope this forum will offer an opportunity for us all to recognise the legacy he leaves behind."

Barnaby Jack, computer security specialist: born Auckland, New Zealand 22 November 1977; partner to Layne Cross; died San Francisco 25 July 2013.

Start your day with The Independent, sign up for daily news emails
Have you tried new the Independent Digital Edition apps?
ebooksA special investigation by Andy McSmith
  • Get to the point
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
Independent Dating

By clicking 'Search' you
are agreeing to our
Terms of Use.

iJobs Job Widget
iJobs General

Recruitment Genius: Client Services Assistant

£18000 - £20000 per annum: Recruitment Genius: A Client Services Assistant is ...

Recruitment Genius: Junior / Senior Sales Broker - OTE £100,000

£20000 - £100000 per annum: Recruitment Genius: This is an excellent opportuni...

Recruitment Genius: Duty Manager

Negotiable: Recruitment Genius: A Duty Manager is required to join one of the ...

Recruitment Genius: Team Leader

Negotiable: Recruitment Genius: A Team Leader is required to join one of the l...

Day In a Page

No postcode? No vote

Floating voters

How living on a houseboat meant I didn't officially 'exist'
Louis Theroux's affable Englishman routine begins to wear thin

By Reason of Insanity

Louis Theroux's affable Englishman routine begins to wear thin
Power dressing is back – but no shoulderpads!

Power dressing is back

But banish all thoughts of Eighties shoulderpads
Spanish stone-age cave paintings 'under threat' after being re-opened to the public

Spanish stone-age cave paintings in Altamira 'under threat'

Caves were re-opened to the public
'I was the bookies’ favourite to be first to leave the Cabinet'

Vince Cable interview

'I was the bookies’ favourite to be first to leave the Cabinet'
Election 2015: How many of the Government's coalition agreement promises have been kept?

Promises, promises

But how many coalition agreement pledges have been kept?
The Gaza fisherman who built his own reef - and was shot dead there by an Israeli gunboat

The death of a Gaza fisherman

He built his own reef, and was fatally shot there by an Israeli gunboat
Saudi Arabia's airstrikes in Yemen are fuelling the Gulf's fire

Saudi airstrikes are fuelling the Gulf's fire

Arab intervention in Yemen risks entrenching Sunni-Shia divide and handing a victory to Isis, says Patrick Cockburn
Zayn Malik's departure from One Direction shows the perils of fame in the age of social media

The only direction Zayn could go

We wince at the anguish of One Direction's fans, but Malik's departure shows the perils of fame in the age of social media
Young Magician of the Year 2015: Meet the schoolgirl from Newcastle who has her heart set on being the competition's first female winner

Spells like teen spirit

A 16-year-old from Newcastle has set her heart on being the first female to win Young Magician of the Year. Jonathan Owen meets her
Jonathan Anderson: If fashion is a cycle, this young man knows just how to ride it

If fashion is a cycle, this young man knows just how to ride it

British designer Jonathan Anderson is putting his stamp on venerable house Loewe
Number plates scheme could provide a licence to offend in the land of the free

Licence to offend in the land of the free

Cash-strapped states have hit on a way of making money out of drivers that may be in collision with the First Amendment, says Rupert Cornwell
From farm to fork: Meet the Cornish fishermen, vegetable-growers and butchers causing a stir in London's top restaurants

From farm to fork in Cornwall

One man is bringing together Cornwall's most accomplished growers, fishermen and butchers with London's best chefs to put the finest, freshest produce on the plates of some of the country’s best restaurants
Robert Parker interview: The world's top wine critic on tasting 10,000 bottles a year, absurd drinking notes and New World wannabes

Robert Parker interview

The world's top wine critic on tasting 10,000 bottles a year, absurd drinking notes and New World wannabes
Don't believe the stereotype - or should you?

Don't believe the stereotype - or should you?

We exaggerate regional traits and turn them into jokes - and those on the receiving end are in on it too, says DJ Taylor