Listen to this story
At the age of 16, British filmmaker Christopher Nolan fantasized about the art of mind control. It took him almost ten years to pen down his vision and bring it to life with the release of the science fiction action film ‘Inception’ in 2010. The movie starring Leonardo DiCaprio kept its viewers hooked till the last minute with the make-believe concept of “dream invaders” who stole the information by infiltrating the subconscious of their targets. The film’s ingenuity won praise worldwide and brought into perspective the unexplored possibility of hijacking the human mind.
In the form of illusions, hypnosis or machines, experts from varied fields have imagined developing ways to stimulate and control the human mind. However, hacking the mind has equally intrigued the world of cybercrime, giving birth to “Brainjacking”.
What is brainjacking?
Brainjacking — combined with the words brain and hijacking – isn’t as whimsical as one would want to believe. It can be understood as the exercise of unauthorized control of another individual’s electronic brain implant. Termed illegal, brain jacking involves hacking into the surgical implants connected to the human brain to create a brain-computer interface – direct communication between an external device and the brain’s electrical activity.
With increased cyber-attacks on the healthcare sector and the ease at which medical implants such as pacemakers and insulin pumps have been compromised, brainjacking has emerged as a new threat to target and exploit the implants technology.
The concept of facilitating human memory was proven as early as 2018. In a breakthrough study published in the Journal of Neural Engineering, a team of researchers was able to boost the ability of individuals to create memories. The experts worked with human volunteers, and extracted-encoding electrical signals for the study as the subject performed a memory chore. On re-injecting the signals, the performance was boosted by almost 37%.
“This is the first time scientists have been able to identify a patient’s brain cell code or pattern for memory and, in essence, ‘write in’ that code to make existing memory work better, an important first step in potentially restoring memory loss,” lead author Robert Hampson at Wake Forest Baptist stated in the report.
To understand the severity of brainjacking, it is essential to know how hackers can exploit it.
Deep Brain Stimulation
The cyberpunk action film ‘Upgrade’ broadly defines the concept of deep brain stimulation (DBS), a neurological process where implanted electrodes and electrical stimulation are used to treat movement disorders. The movie follows the life of Grey Trace, an auto mechanic who suffers paralysis after being shot in the neck. Struggling as a wheelchair-using quadriplegic, Trace decides to insert an artificial intelligence-based chip ‘STEM’ in his body and is finally able to regain control of his motor functions.
While DBS works on a similar concept, it is far less dramatic than the film’s plot. Often doctors use the DBS to tackle various movement disorders such as Parkinson’s disease (PD), essential tremor, dystonia, and other neurological conditions when the medicinal treatment becomes less effective, or the response is slower than expected.
In movement-related disorders, patients experience neurological conditions caused by disorganized electrical signals in that area of the brain which controls the movement. With the help of DBS, neurosurgeons can target those regions of the patient’s brain with varied stimulation to increase control. This allows them to efficiently tackle the distressing symptoms of patients as DBS disrupts the irregular signals that trigger movement disturbance.
After understanding the patient’s brain signals and movement better, doctors implant leads (wires) in the brain connected to a compact electrical generator, known as the neurostimulator, inserted and placed under the collarbone. It is through this system that pluses of electric current are passed through the neurostimulator to the patient’s brain.
However, gaining access and control of the human brain with wireless stimulators may have severe consequences when exploited with malicious intent.
The darker side of DBS
Most sci-fi and animation fans would agree that great discoveries, in the hands of a malicious actor, often lead to evil outcomes, whether it was Mojo Jojo from The PowerPuff Girls, Doctor Octopus in Spiderman or Thanos in Avengers: Infinity Wars, who nearly wiped out half of the human population.
When it comes to DBS, this is precisely what experts fear. As advantageous as the treatment may be for patients suffering from a movement disorder, the stimulation generates endless opportunities for those intending to exploit it. In a ‘neurosecurity’ breach, a threat actor would target an individual with a neurostimulator to gain control of the device.
The growing market
In the coming future, the global market size of brain implants is expected to reach $8.29 billion by 2025 at a compound annual growth rate (CAGR) of 9.1% from 2021 to 2028, with neurological disorders being the primary drivers.
According to a market report by Grand View Research, an evident increase in neurological conditions such as Parkinson’s disease, Alzheimer’s, and epilepsy combined with a rise in awareness among people regarding the benefits of brain implants and their positive outcomes has led to the overall growth of the market.
The World Health Organization termed neurological disorders among the major causes of mortality worldwide, leading to 13.2% of deaths in developed countries and 16.8% in low- and middle-income countries, creating an urgency to incorporate long-term solutions that include spinal cord stimulators and deep brain stimulators, the report stated.
Moreover, US Brain implants have proven to play a crucial role in assisting people and providing them with providing therapeutic solutions for depression. Thus, adding relevance to the advancement in neural implants.
However, the high number of people using the implants also increases their vulnerability and susceptibility to attacks where a hacker could compromise the wireless system of the implants and harm the patient.
How hackers can take advantage
With the growing demand for neural implants worldwide, it is essential to understand how malicious actors can misuse them. A researcher by the Oxford University Functional Neurosurgery Group and cybersecurity software company Kaspersky studied existing neurostimulators and supporting infrastructure to highlight vulnerabilities that hackers could exploit.
- Unencrypted data transfer: With the data not being encrypted, it becomes easier for hackers to access any transfer of information between the programming software, the implants, and any interlinked networks. According to the report, this vulnerability leaves not just the patient’s implant open to access but also those connected to the same infrastructure
- Device Protection: Due to the crucial role the implant plays in the well-being of the patient, it is essential for devices and their security measures to be comfortably accessible to the physician, especially in times of emergency. Moreover, due to this aspect, the devices need to be fitted with a software ‘backdoor’ that makes them more vulnerable to attacks.
- Exposed and insecure inter-connected infrastructure: As per the study, exposed interlinked online management platforms, often used by healthcare teams and departments, pose a serious threat to the security system as they are vulnerable to attacks and can be exploited by hackers.
- Medical staff: Like in most organizations, it is essential to train the staff to secure critical patient information. However, the research revealed that in many medical firms, programmers installed with critical software could be easily accessed with stored passwords, had various apps downloaded on them and were used to browse the internet.
How Real is the threat?
Several movies, series, and games alike have explored the more profound and darker concept of brainjacking and how easily a hacker could gain access to the devices and manipulate them to their advance; however, despite cybersecurity vulnerabilities in neurostimulators being deemed as a potential threat, there haven’t been incidents confirming the misuse.
“Broken Hearts”, the tenth episode in the second season of the Homeland series, featured a similar concept where a hacker could assassinate the United States vice president by accessing his pacemaker and controlling his heart.
Interestingly, former Vice President Dick Cheney had gotten the wireless feature of his pacemaker implants disabled in 2007. Cheney spoke about the potential threats in an interview with CBS news in 2013. “I found it credible,” Cheney said, talking about the episode. “Because I know from the experience we had and the necessity for adjusting my own device that it was an accurate portrayal of what was possible.”
However, according to a 2022 report by American news agency United Press International, the FDA to date has not received any incidents of “deliberate or intentional compromises of medical devices due to cyber exploits.”
The concept, in theory, and practice, is yet to advance to a stage where an individual’s mind can be fiddled with to the extent of distorting or wiping brain memory. So, though brain jacking isn’t Michel Gondry’s movie ‘Eternal Sunshine of the Spotless Mind’, where the couple decides to erase one another’s memory after their relationship turns sour, it sure poses a severe threat to individual autonomy in the near future.