Brain Hacking

Is technology now mature enough to allow hackers to penetrate our mind?

Brain hacking refers the possibility to attack the human brain to extract sensitive information such as data and memories, including also the capability to inject new information. Hacking the brain makes possible the disclosure of sensitive information such as the debit card PIN, home location and month of birth. Exactly as any other information processor, the human brain may be vulnerable to hacking attacks, and state of the art of technology already allows researchers to measure changes in the electromagnetic field related to brain activity enabling the reading of peoples’ thoughts.

Neurotechnologist Philip Low is currently working to the designing of a portable brain monitor called iBrain that can detect the brain’s electrical activity from the surface of the scalp, individuals with amyotrophic lateral sclerosis or similar pathologies still have healthy brain activity and the iBrain could be used to control a mouse pointer on a computer screen. But also the device might be used to hack the brain.

Recently researchers at the Usenix Security conference have demonstrated that exploiting a zero-day vulnerability in a brain computer interface it is possible hack it. The scientists used a commercial off-the-shelf brain-computer interface for the brain hacking, resulting in the disclosure of private information that victims had in their minds.

The brain-computer interface consists of several components

• the hardware composed by a (an EEG; an electroencephalograph) equipped with a series of sensors that are placed directly on the human scalp
• the software designed to interpret brain activity signals

The price for a Brain Computer Interface device has steadily decreased in the last several years, and today just $200-$300 is sufficient to buy an Emotiv or Neurosky BCI. With these devices one is immediately able to control the computer by thought.

Brain Computer Interface devices generally come with an API which developers use to build applications based on the BCI’s output.  Researchers from the Universities of Oxford and Geneva, and the University of California, Berkeley for example have designed an application able to access to sensitive data in the human brain. The following graphs illustrate the results of the tests conducted with 28 participants, it is important to specify that participants in the program were cooperative because they were not aware of the brain hacking.

The information reading is based on the analysis of P300 response brainwave pattern defined by Wikipedia as:

“The P300 (P3) wave is an event related potential (ERP) component elicited in the process of decision making. It is considered to be an endogenous potential, as its occurrence links not to the physical attributes of a stimulus, but a person’s reaction to it. More specifically, the P300 is thought to reflect processes involved in stimulus evaluation or categorization.”

The pattern is observable when humans see something that is meaningful or recognize something that is related to their current task.

“The researchers basically designed a program that flashes up pictures of maps, banks, and card PINs, and makes a note every time your brain experiences a P300. Afterwards, it’s easy to pore through the data and work out — with fairly good accuracy — where a person banks, where they live, and so on.”

The attacks appear to be ineffective with noncooperative subjects; this means that this technique is not usable during an interrogation, but victims could still be deceived with social engineering techniques. For example, they could led to believe they participating in a simple test or they could be told they are playing a video game controlled by the brain.

So, brain hacking is reality! Hackers soon could be able to extract sensitive data from a human brain with high reliability. Moving forward we can imagine malware able to compromise our brain by capturing the electric impulses generated by our brains.What will be the next step? What could be the effect of an even more malicious attack on the human mind?

The principal nightmare is related to mental modification, the possibility to alter the state of a human brain in situ, transforming the human perception of reality. But brain hacking could also focus the brain in an extreme state, such as extreme anger or fear, or move the mind in what is called “in the zone” status. Working “in the zone” might allow conventional hackers to work with extreme focus and concentration for extended periods of time or to consider more complex tasks and attacks.

The zone state is characterized by a specific signature in the brain activity that could be artificially reproduced.

“The Neurotech company Berka runs are developing technology to monitor people’s brain activity during a task, such as archery, and notify them when they have reached their “peak performance state,” aka, the zone. Essentially, the technology gives people the ability to hack into their own brains in order to improve their performance.”

The future is now … let’s start to think how to secure our brains!