InfoSec community mourns the loss of well-known hacker Barnaby Jack

The security community remains in a mixed state of grief and confusion this morning, as word of Barnaby Jack's passing spreads. Known for his work on embedded devices, from the financial world to the medical one, the 35 year-old hacker was a beloved family member to the InfoSec community.

According to the San Francisco Medical Examiner, Barnaby Jack passed-away on Thursday, at 7:50 p.m. local time, but the office would not discuss any further details. The news was confirmed by his sister, Amberleigh, Friday morning. The lack of information has left many of his friends and peers - his extended family - in confusion as they struggle to deal with his sudden loss.

He is best remembered by much of the public for his research in 2010, where he disclosed flaws that enabled a person to force ATMs to spit out cash, a process he called Jackpotting. Video of that talk, along with slides, is available here.

His career and research interests went beyond financial hacking however, as he focused on embedded devices including those used by the medical world. After the ATM presentation, Jack went on to deliver research on vulnerabilities within SCADA systems, implantable insulin pumps, and more recently, ICDs, or Implantable Cardioverter Defibrillators.

In an interview with Vice about his latest work, published last month, Jack explained that the vulnerabilities he recently discovered in the ICDs impact millions of devices. Even worse, these flaws could be exploited to deliver "a high voltage shock of up to 830 volts" from 50-feet away.

"I wanted to look at these devices with the aim of demonstrating and raising awareness of the issues I found, then hopefully spark the manufacturers into implementing a more secure design," Jack told Vice.

As word of his untimely death spread on Friday, researchers and security experts each shared photos and memories of their friend.

"Lost but never forgotten our beloved pirate, Barnaby Jack has passed. He was a master hacker and dear friend. Here's to you Barnes!" - IOActve, Jack's employer

"When I first saw tweets that Barnaby Jack died, I thought it may be a hoax. Sadly, I learned it was true. Great hacker and friend. RIP." - - Kevin Mitnick

"Great memory: Barnaby Jack shooting me in the face with water through a hacked insulin pump whilst doing shots. RIP Barns. You made me laugh." - Dave Marcus

Barnaby Jack was a brilliant researcher, but his friends will always remember him as the man who was quick with a joke and the man who always wore a smile. No matter where he was, he brought a unique energy with him that quickly spread to those around him. His family, on and offline, miss him deeply, and the world is a lesser place without him.

In a statement, Black Hat, where Jack was slated to present his ICD research next week, said that the time slot for his talk will not be replaced:

"We have lost a member of our family. Everyone would agree that the life and work of Barnaby Jack are legendary and irreplaceable. Barnaby had the ability to take complex technology and intricate research and make it tangible and accessible for everyone to learn and grow from. Beyond his work in our industry, Barnaby was an incredibly warm hearted and welcoming individual with a passion for celebrating life. We all have a hilarious and upbeat story about Barnaby. He is truly a shining example of what we love about this community.

"Black Hat will not be replacing Barnaby's talk on Thursday, Aug. 1. No one could possibly replace him, nor would we want them to. The community needs time to process this loss. The hour will be left vacant as a time to commemorate his life and work, and we welcome our attendees to come and share in what we hope to be a celebration of his life. Barnaby Jack meant so much to so many people, and we hope this forum will offer an opportunity for us all to recognize the legacy that he leaves behind.

"Our deepest sympathies go out to Barnaby Jack's family and loved ones. Words cannot adequately describe how much he will be missed, but it is certain that Barnaby will NEVER be forgotten."

Read more about security leadership in CSOonline's Security Leadership section.

Join the CSO newsletter!

Error: Please check your email address.

Tags business issuespersonnelhacker Barnaby JackBarnaby Jack deathsecurityBarnaby JackSecurity LeadershipAmberleigh Jack

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Steve Ragan

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place