Pierluigi Paganini August 20, 2013

Brain hacking is the act to read the content of the human brain and modify it, is the technology mature to allow hackers to penetrate our mind?

Brain hacking refers the possibility to attack the human brain to extract sensitive information such as data and memories, including also the capability to inject new information. Exactly as any other computer  computers, human brains may be vulnerable to hacking attacks, state of the art of technology already allow researchers to perceive changes in the magnetic field related to brain activity making possible reading of people’s thoughts.

Neurotechnologist Philip Low is currently working to the designing of a portable brain monitor called iBrain that can detect the brain’s electrical activity from the surface of the scalp, individuals with amyotrophic lateral sclerosis or similar pathologies still have healthy brain activity and the iBrain could be used to control a mouse pointer on a computer screen.

Recently researchers at the Usenix Security conference have demonstrated that exploiting a zero-day vulnerability in the human brain is possible hack it. The scientists used a commercial off-the-shelf brain-computer interface for the brain hacking resulting in the disclosure of information that victims had in their minds.

The brain-computer interface consists of principal components

• the hardware composed by a (an EEG; an electroencephalograph) equipped with a series of sensors that are placed directly on the human scalp
• the software designed to interpret brain activity signals

The price for a Brain Computer Interface is sensibly decreased in the last years, just $200-300 are sufficient to buy an Emotiv or Neurosky BCI, immediately usable to control the user computer.

The Brain Computer Interfaces shall be accompanied with API to build applications able to elaborate BCI’s output.  Researchers from the Universities of Oxford and Geneva, and the University of California, Berkeley have designed an application able to access to sensitive data in the human brain, hacking brain makes possible the disclosure of sensitive information such as the debit card PIN, home location and month of birth. The following graphs illustrate the results of the tests conducted with 28 participants, it is important to specify that participants in the program were cooperative because they were not aware of the brain hacking experiment that had a 10 to 40% chance of success.

The information reading is based on the analysis of P300 response brainwave pattern defined by Wikipedia as:

“The P300 (P3) wave is an event related potential (ERP) component elicited in the process of decision making. It is considered to be an endogenous potential, as its occurrence links not to the physical attributes of a stimulus, but a person’s reaction to it. More specifically, the P300 is thought to reflect processes involved in stimulus evaluation or categorization.”

The pattern is observable when humans see something that is meaningful or recognize something that is related to their current task.

“The researchers basically designed a program that flashes up pictures of maps, banks, and card PINs, and makes a note every time your brain experiences a P300. Afterwards, it’s easy to pore through the data and work out — with fairly good accuracy — where a person banks, where they live, and so on.”

The attacks appear not applicable with not collaborative subjects, this means that is not usable during an interrogation, but victims could deceive with social engineering techniques, they could believe for example to participate in a simple test or they could be convinced to be playing a video game controlled by the brain.

Brain hacking is reality! Hackers soon could be able to extract sensitive data from human brain with high reliability. What will be the next step?

Moving forward we can think to a malware able to compromise our brain capturing our electric impulse generate by our brains, but what could be the effect of a malicious attack on the human mind?

The principal nightmare is related the mental modification, the possibility to alter the state of human main, brain hacking could also refer the act to focus the brain in an extreme state, moving the mind in what is called “in the zone” status.

The zone state is characterized by a specific signature in the brain activity that could be artificially reproduced transforming the human perception of reality and inducing fake thoughts exactly as for application hacking.

“The Neurotech company Berka runs are developing technology to monitor people’s brain activity during a task, such as archery, and notify them when they have reached their “peak performance state,” aka, the zone. Essentially, the technology gives people the ability to hack into their own brains in order to improve their performance.”

The future is now … let’s start to think how to secure our brain!

Pierluigi Paganini

(Security Affairs – brain hacking, security)