Researchers successfully hack brain, retrieve private data

Researchers successfully hack brain, retrieve private data

Group uses basic, off-the-shelf software to read signals

BY JEFFREY BAUSCH

According to new research presented at the 21st USENIX Security Symposium, brain hacking may soon become a very real threat in today’s increasingly tech-savvy world.

As technology becomes increasingly sophisticated, threats like brain hacking are fast becoming a reality. (Via: poemsforkush.com)

The University of Oxford’s Ivan Martinovic, along with colleagues at the University of Geneva and University of California (Berkeley), discussed this threat in their paper “On the Feasibility of Side-Channel Attacks With Brain-Computer Interfaces.”

The group said that they drew their inspiration for exploring the topic of hacking a person’s thoughts from the increasing number of mind-control-based games and apps now available on today’s market.

Specifically, they highlighted the low-cost, already-available consumer electroencephalography device, the EPOC headset by Emotiv, which allows users to interact with computers based on their thoughts alone.

Emotiv’s EPOC headset allows users to control their computer using just their thoughts alone. (Via: dustinkirk.com)

In their paper, the group writes about the very real possibility that malicious developers could create a sort-of “brain spyware” app designed to trick users into thinking about sensitive information while using the headset, information that they could then steal.

The way in which the mind hackers would do this is by focusing on the P300 brain signal. This particular signal is emitted when something meaningful is recognized. The signal is so accurate, as a matter of fact, that it’s being considered in the design of new lie detectors.

During the course of the group’s study, 28 subjects used off-the-shelf Emotiv headsets and were shown images like numbers, bank cards, ATMs, and people’s faces while being asked questions that targeted specific information.

The subjects’ brain waves were treated and analyzed using signal-processing software. The result? Private information that the team was able to gather was 15% to 40% less random than if the developers were to simply guess the answers alone.

Impressive, yes, but the range is still pretty wide. “This is still very noisy data signal, (and the) devices are not made for detecting these kinds of patterns,” Martinovic told the conference, “but it was possible to see that in any of these experiments, we could actually perform better than a pure random guess.”

The quality of the devices and the signals they produce will improve, he adds, leading him to caution that attackers could exploit this increased accuracy in order to access the information they seek.

Watch a presentation of their report . ■