A Future With Neural Implants Means Hackers Can Remote-Control Your Brain
"Give us $10,000 or you're toast."
You can hear the voice clearly, but there's no one in your house. It's coming from inside your head. From your neural implant, to be exact. Hackers.
"We've infected your brain chip with ransomware, and if you don't pay up, we'll fry your gray matter."
This future scenario isn't so far-fetched.
Enter the neural implant, a wireless electronic device connected directly to the brain. It isn't a new concept. Neural implants have been used to help a patient with paralysis type and to help another control his prosthetic limbs with his mind. DARPA tested brain chips in soldiers. One neurologist even hacked his own perfectly healthy brain.
What's more, these chips are getting less cumbersome, more flexible and speedier. Which is great! Except that this wireless communication from your brain to a computer is exactly where the risk of hacking lies.
"When you're talking about lives being at stake, it changes the game," Ted Harrington, a partner at Independent Security Evaluators and an organizer of hacker conference DEF CON's Internet of Things exhibit, told Inverse. "Issues of someone compromising a device in my home — it's my Social Security number, or they can see my baby. It's different if people say, now, it can kill me."
"Hackers are hacking other hackers and preventing their ransomware from working," Dr. Mansur Hasib, Program Chair of the Graduate Cybersecurity Technology program in the Graduate School at University of Maryland University College, said in a phone call. "Ransomware right now is a huge profitable industry. Think about a ransomware hacker hacking into one of these things: 'Hey, if you don't give me so much money, basically we're going to mess your brain up or fry your brain or stop your implantable device from working.'"
The internet of (murder-y) things is susceptible to hackers, as we've seen time and time and time again. So it's important to figure out how to better secure it before we stick an IoT device into our noggins. Hasib doesn't think this will happen "until some people start dying."
He compares it to the issue of installing traffic lights, saying that it sometimes takes a number of deaths to occur before a city or county or local jurisdiction puts a light in place.
"The same issue is going on in health care right now," he said. "Until some real harm is done, these things won't improve. It's more about profits than health care."
Tamper-proofing a neural implant is possible, Hasib said: Manufacturers just need to create them with better, secure authentication. You can also turn the two-way communication off (as Dick Cheney did with his pacemaker), making the device less vulnerable to hackers.
Aside from more secure authentication in neural implant devices, Hasib said, U.S. health care companies' IT and cybersecurity strategy should be run by a cybersecurity expert. Instead, about half are run by a CFO or COO, he said.
"That's like a bus driver driving an airplane without a flying lesson," he said.