Are we in danger of having our bodies hacked?
February 18, 2015
UK-based security company Kaspersky Lab has teamed up with Swedish bio-hacking community BioNyfiken to uncover the realities of connecting our bodies to the internet.
The number of humans upgraded by technological devices is increasing. Thanks to the invention and wide-spread adoption of implantable aids such as pacemakers, insulin pumps, hearing aids and deep brain stimulation systems, the world is filling with humans who could be considered part machine, claims Kaspersky. But recent media reports describe another breed of upgraded human, people who implant technology in their bodies not for medical reasons, but simply because of greater convenience in everyday life; people with smart implants that allow them to control door locks, make purchases and gain access to computer systems with the wave of a hand. The question then arises, when we allow our bodies to contain increasing amounts of personal, hackable data, is there cause for concern?
"The trend within the internet of things has been to create products and get them to market fast,” said Patrick Mylund Nielsen, senior security researcher at Kaspersky Lab. “Security is often an afterthought, if it's even a thought at all. And although bio-augmentation has been the topic of science fiction for as long as we can remember, not many stories dealt with its everyday implications: What happens when our private keys are under our skin? Can somebody become a virtual copy of me by shaking my hand? Who might be following me everywhere I go? ‘Nyfiken’ means curious in Swedish, and when it comes to answering these questions, indeed we are."
BioNyfiken is leading the charge in normalising the chipping phenomenon and bringing it to the masses. Its view is that having a smart sub-dermal implant is not so different from wearing an earring or having a tattoo, and that an increasing number of people will choose to have NFC-compatible implants containing an array of information.
"The technology is already happening," said Hannes Sjoblad, one of the founders of BioNyfiken. "We are seeing a fast-growing community of people experimenting with chip implants, which allow users to quickly and easily perform a variety of everyday tasks, such as allowing access to buildings, unlocking personal devices without PIN codes and enabling read access to various types of stored data.”
Sjoblad considers the take-off of this technology as another important interface moment in the history of human-computer interaction, similar to the launches of the first windows-based desktop or the first touch screen.
“Identification by touch is innate for humans,” he said. “PIN codes and passwords are not natural. And every additional device that we have to carry around to identify ourselves, be it a key fob or a swipe card, is just another item that clutters our lives. That's why we felt it was crucial to work alongside a leading security expert that really understands the technology to help us analyse the risks. Kaspersky Lab is the ideal research partner for BioNyfiken. They are not only highly regarded security experts and thought leaders, but have been at the forefront of emerging technologies and cutting edge research from their inception."
He said he looked forward to working alongside Kaspersky Lab experts in an open research project to explore the vulnerabilities of these chips in everyday, human-user situations and if vulnerabilities were found, it would be necessary to identify ways to tackle them.
Further to its research with BioNyfiken, Kaspersky Lab will be co-hosting events with the broader bio-hacking community in Sweden and across Europe, aiming to put security and privacy aspects on the agenda. There are already a number of hi-tech buildings in Sweden, such as Epicenter, catering to forward thinking business where NFC implants are regularly used for a range of activities, replacing additional devices.
"Personally, I'd rather not be chipped,” said Eugene Kaspersky, chairman and CEO of Kaspersky Lab. “I do however understand that technological progress cannot be hindered and there will be innovators who are ready to accept the risk and test the limits of technology by experimenting on their own bodies. I'd just rather they did this with their eyes open and with security at the forefront of their minds, instead of as a retrofit after-thought, as so often occurs. That's why I'm pleased BioNyfiken has chosen us to work with on investigating the security implications of connecting our bodies to the web. It might be that our researchers find no concerns, but if people are going to have NFC chips inside them, I'd want to be sure that the experts had thoroughly investigated all the ramifications."