Your body is the next frontier in cybercrime
By Laura Hood October 1, 2013
Laura Hood is a commissioning editor for the digital economy at The Conversation.
If you think it’s enough of a chore trying to stop thieves stealing your credit card details and hacking your Facebook, imagine trying to stop them getting into your pancreas.
Advances in healthcare mean that in-body devices to treat chronic conditions or even just make you perform better as a human being are not as far away as you might imagine.
Some of these innovations already exist. The pacemaker has been around for years and drug delivery implants are already quite advanced. Some are controlled remotely and many more will be in the future, significantly raising the stakes in the battle to protect ourselves from cyber-crime.
When TV series Homeland featured a storyline in which terrorists hacked the US vice president’s pacemaker, causing him to have a heart attack, it brought this issue into the public consciousness. But the scenario has been possible for some time, says Sadie Creese, director of the Global Centre for Cyber Security Capacity at the Oxford Martin School, University of Oxford, and more and more people will be vulnerable in the future.
“I think the future of chronic disease control will be implanted devices,” she said, speaking after a talk at FutureFest, an event held in London last weekend. “They will be measuring vital signs, reaching back to the healthcare providers, whoever that might be and wherever they’re based. So you can imagine consultants and doctors around the world, or your local doctor, firing up a single app and being able to receive alerts on a patient.”
Demonstrating this future phenomenon in action during FutureFest, social psychologist Bertolt Meyer allowed a fellow speaker to control his bionic hand using an iPhone app connected via bluetooth.
“My hand comes with an iPhone app. There is an app for that. This gives the word hacking an entirely new dimension because if someone hacked my phone they could hack my hand. There’s a trickle down effect of things we are able to do,” he said.
While many people won’t have to worry about having their limbs controlled remotely like Meyer, in-body devices are not as far away as we might imagine. Meyer noted that it is already possible to hack into delivery systems for diabetics, meaning that criminals could remotely deliver fatal doses of insulin.
As devices like bionic arms become more advanced, it is not inconceivable that people might choose to replace functioning body parts with high performance models. Meyer’s state-of-art hand can rotate a full 360 degrees. How many of us can say that?
Add to this a number of people who will choose to have voluntary surgery or have devices implanted in order to improve their basic health or appearance, and the implications are even more serious. “The truth of the matter is, it’s kind of already here but mainly for significant conditions. Give it five to ten years and we’ll all be wandering around with devices,” adds Creese.
Creese believes the general public needs to start engaging with the debate about their information now rather than leaving it until the technology develops further.
“When we think about cyborg futures, be that healthcare or play, we need to get on top of how we make this citizen centric and how we achieve a fair relationship between people and commerce. In understanding that relationship we’ll understand cyber-security.”
Even before we start taking technology into our bodies, cyber-security threats are changing all the time and individuals are implicated more than ever. While attacks on major companies have been the big prize for criminals and hackers until now, targeting individual consumers is becoming almost as financially lucrative. Now that organized crime organizations have come to embrace cyber-attacks as a tool, the threat is more real than ever.
“Put yourself in a bad person’s position. If nobody can bear to go without their online life, how much are you willing to pay not to give it up? Criminals can lock systems and then charge a ransom to unlock it. Much smaller organisations are being targeted and it’s not unthinkable that you could do some kind of mass version of that against just consumers. If everybody was willing to pay £100 to keep their stuff, and you attack 100,000 people, that’s quite a big payday.”
For Creese, it seems people will only start to take these issues seriously when they personally suffer the consequences.
“I think that the real change and the real concern will come from the general population when more people start to feel pain,” she said.
“Whether that’s the lights going out or no one being able to go to hospital one day or whether that’s not being able to get on the internet for the whole weekend. People have different pain thresholds but in general I think when more people start to feel pain from cyber-attacks there will be a change in the public consciousness. It won’t just be about governments and defence companies anymore.”