Researchers fear hackers could soon control minds

SAN FRANCISCO - In early 2009, hackers inserted malicious code into an Epilepsy Foundation message board that embedded flashing images into hundreds of posts.

An untold number of epilepsy patients clicked on otherwise normal-looking headlines only to find themselves staring at kaleidoscopic animations. For a handful, the images triggered migraines or near seizures, according to reports at the time.

That might have represented one of the first brain hacks, a computer attack on the mind. But security researchers say it's unlikely to be the last.

'All sorts of mischief'

As brainwave sensors for games and implantable neural devices for diseases become more common and sophisticated, a host of troubling possibilities has arisen.

Early research suggests that hackers might be able to use these tools to extract sensitive information from our brains, like ATM passcodes. And it's not too far a leap to triggering physical movements or perhaps even inserting ideas.

"You could use these to directly interact with the brain," said Ryan Calo, assistant law professor at the University of Washington focused on privacy and robotics, in a recent presentation at Stanford. "You could get up to all sorts of mischief."

He and other privacy and security experts say now is the time to begin considering how to protect against these possibilities.

So-called brain- computer interfaces measure the mind's activity by amplifying and recording electrical signals.

The ability to interpret the patterns is still very rudimentary. Scientists can't, for instance, translate a fully formed thought. But there is some ability to determine state of mind, like alertness or drowsiness, or a strong sense of recognition.

For several years now, companies like NeuroSkyand Emotiv have been selling consumer headsets that allow users to control toys and video games with brainwaves. Both also operate marketplaces where third-party developers can sell software for these systems, much like smartphone app stores.

Calo said these kind of open marketplaces raise the possibility that developers could build apps that masquerade as games, but that actually attempt to harvest information from the user - the strategy some hackers have already used in the Android phone marketplace.

Flash of recognition

Researchers at the University of California, Berkeley, and elsewhere published a study last year that sought to answer whether the consumer-grade devices on the market could be applied for that purpose already.

The researchers had 28 computer science students wear brainwave sensors and watch a series of pictures and prompts, including numbers, bank logos, ATMs, debit cards, months, faces and locations. The theory was that the students' brainwaves would flash with recognition when, say, numbers in their ATM passcode appeared.

Likely to get better

Some of these tests worked better than others, but overall the researchers' ability to predict the right answers improved by anywhere from 15 percent to 40 percent, compared with random guesses.

All of this would seem like a lot of trouble to go through for a marginal result today. But the researchers stressed that success rates are certain to climb as the devices improve.

"We would like to see the technology be as good as possible to provide necessary functionality, but as it improves, it makes the attack possibilities more severe, too," said Dawn Song, an associate professor of computer science at Berkeley focused on security and co-author of the study.

The potential threats go beyond mere games.

The medical field is using, testing or developing a growing number of implantable brain devices to help control symptoms for patients with neurological disorders like multiple sclerosis and Parkinson's disease. Similar treatments might someday be used to help restore movement to paralyzed limbs or even to improve cognition.

New privacy issues

The new nature of the devices demands considerations beyond the usual safety, efficacy and ethical ones applied to medical devices, argued researchers at the University of Washington.

"Unfortunately, none of these disciplines currently ensure that neural devices are robust against adversarial entities trying to exploit these devices to alter, block, or eavesdrop on neural signals," the researchers pointed out in a paper on "neurosecurity" that they presented in 2009.

Other applications for these technologies begin to pose interesting new privacy issues.

In early 2011, NeuroFocusof Berkeley unveiled announced a brainwave sensor known as the Mynd that it declared a "neuromarketing breakthrough."

"For the first time, market researchers will be able to capture the highest quality data on consumers' deep subconscious responses in real time wirelessly, revolutionizing mobile in-store market research and media consumption at home," the company said in a press release.

Two months after, market research giant Nielsen acquired the company.

Some of this might be far-fetched and much of is far-off, but Calo said it's not too early to address the obvious security shortcomings.