"Brain hacking" may be possible in the future
18th August 2012
Researchers have demonstrated a way to potentially "hack into" a person's brain and read their thoughts, using brain–computer interface (BCI) technology.
Brain–computer interfaces (BCIs) have been studied for many decades, as a way of providing direct communication pathways between the brain and an external device. Research has focussed primarily on medical use for assisting, augmenting or repairing human cognitive and sensory-motor functions - allowing people to regain lost hearing, sight and movement, for example.
Following years of animal experimentation, the first neuroprosthetic implants for humans began to appear in the mid-1990s. More recently, non-invasive BCIs have emerged in the gaming and entertainment industries. In 2009, Australian company Emotiv released the Epoc neuroheadset, allowing players to communicate wirelessly with a computer using their thoughts alone. In that same year, the University of Wisconsin-Madison unveiled a brain-Twitter interface, allowing a crude form of virtual telepathy. Mattel has also released a game called Mindflex, in which the brain's electrical activity is measured and used to steer a ball through an obstacle course.
There are countless potential applications for this technology. Exponential progress in decoding the brain, alongside rapid commercialisation of BCI devices, means that their pervasiveness in our daily lives could increase dramatically in the not-too-distant future. At the same time, however, there are a number of security and privacy implications.
Just as smartphones can be hacked, so too can personal BCI devices. In other words, future hackers could obtain personal information by literally reading your mind, given the right software and hardware. That's the conclusion of a study involving a collaboration between the University of Oxford, UC Berkeley and the University of Geneva.
Researchers from the aforementioned universities performed a series of tests using electro-encephalography (EEG) to demonstrate how simple, yet effective, attacks could reveal private and secret information. This included bank cards, PIN numbers, addresses and other details.
A very specific brainwave pattern, known as the P300 response (pictured below), occurs when a person recognises something familiar. The researchers developed a program that flashed up pictures on a screen, noting the occasions when study participants experienced a P300. This data was then analysed - with up to 43% accuracy - to identify where a person lived, their bank details and so on.
Until now, the risks involved in using consumer-level BCIs were never taken seriously and the impact of malicious software with access to such devices remained unexplored. However, the results of this study are likely to raise a number of important questions. Although current BCI technology is still in its infancy, the coming decades are likely to see exponential advances that will pose major security challenges. A world in which your brain can be hacked - perhaps even by your own government - is a scary world indeed.