Tuesday, May 17, 2016

brainjacking: the future of security for neural implants


boingboing |  In a new scientific review paper published in World Neurosurgery, a group of Oxford neurosurgeons and scientists round up a set of dire, terrifying warnings about the way that neural implants are vulnerable to networked attacks. 

Most of the article turns on deep brain stimulation devices, which can be used to stimulate or suppress activity in different parts of the brain, already used to treat some forms of mental illness, chronic pain and other disorders. The researchers round up a whole dystopia's worth of potential attacks on these implants, including tampering with the victim's reward system "to exert substantial control over a patient's behaviour"; pain attacks that induce "severe pain in these patients"; and attacks on impulse control that could induce "Mania, hypersexuality, and pathological gambling." 

The researchers discuss some of the ways in which the (dismal) state of medical implant security could be improved. I recently co-authored a set of comments to the FDA asking them to require manufacturers to promise not to use the DMCA to intimidate and silence security researchers who come forward with warnings about dangerous defects in their products. 

The paper has a delightful bibliography, which cites books like Neuromancer, anime like Ghost in the Shell, as well as papers in Nature, Brain, The Journal of Neurosurgery, and Brain Stimulation.