By Chris Arkenberg
In what amounts to a fairly shocking reminder of how quickly our technologies are advancing and how deeply our lives are being woven with networked computation, security researchers have recently reported successes in remotely compromising and controlling two different medical implant devices. Such implanted devices are becoming more and more common, implemented with wireless communications both across components and outward to monitors that allow doctors to non-invasively make changes to their settings. Until only recently, this technology was mostly confined to advanced labs but it is now moving steadily into our bodies. As these procedures become more common, researchers are now considering the security implications of wiring human anatomy directly into the web of ubiquitous computation and networked communications.
Barnaby Jack, a researcher at McAfee, was investigating how the wireless protocols between implants and their remote controllers opened up potential vulnerabilities to 3rd party attacks. Working with instrumented insulin pumps, he found he could compromise any pump within a 300-foot range. “We can make that pump dispense its entire 300-unit reservoir of insulin and we can do that without requiring its ID number”, he noted, adding that making the device empty its entire cartridge into a host’s bloodstream would cause “deep trouble”. Previously, independent security researcher Jerome Radcliffe, a diabetic and insulin pump recipient himself, showed a crowd at the 2011 Black Hat Security Conference how he could wirelessly hack into his own pump to obtain its profile, then alter it in a way that would modify his prescription when sent back to the device.
In another case, computer science researcher and professor at the University of Massachusetts Amherst, Kevin Fu, found that by interrogating an implantable heart defibrillator he could capture its signal and use the identifier to remotely turn the device on & off. This would have potentially catastrophic effects for a patient relying on such a device to maintain a steady heart rhythm. Many new pacemakers include wireless components and remote authentication schemes that are open targets for potential attackers. A near-future wireless implant ecosystem might become a target for scripts looking to scour data or add more microcontrollers to their botnets.
Over the past 15 years these types of malevolent attacks have become the driver for a suite of best practices used to design security into wireless consumer goods. Until recently, little thought was given to the same challenges in connected devices implanted into our bodies, mainly because there wasn’t much reason to do so. Both the threats and the devices were mostly the province of science fiction and outlier scenarios. But with the advancing pace of convergence & computation, we’re now at the advent of a new era marked by the steady ingression of such devices into our bodies, used to manage chronic conditions and preserve us from untimely expiration.
There are now numerous examples of in-the-field connected implants. Stanford researchers have developed a wireless retinal implant that allows the blind to recover the beginnings of sight. The implant takes a video feed from a camera mounted on a pair of eyeglasses and beams it as near-infrared light to a chip implanted at the back of the eye, stimulating retinal nerves to pass visual data to the cortex. In trials, blind users were able to see rudimentary lines and shadows. This device overcomes existing power limitations via a wireless connection to its battery pack. If the power to such a device is cut, the user returns to darkness. Perhaps future devices might allow capture of the visual stream entirely (while hopefully defending against intrusive feed-jacking and advert bill-boarding).
The UK company, Retina Implant, is conducting human trials of its own technology that improves on the Stanford implementation by removing the need for an external camera. To treat those with blindness due to retinitis pigmentosa, their device uses a microcontroller that includes a pixel array and two photocells sitting at the back of the retina. As light comes in, it is transduced and passed as electrical signals to the optic nerve. Although not implemented in their initial trial, the next-generation device will receive its power from a wireless source. It would seem a fairly simple proposition to extend wireless control to include modification of brightness & contrast settings, addition of new visual filters, and sensing capabilities to report on energy use, heat levels, or perhaps the robustness of surrounding cellular structures. Once the transduction language is optimized it would be possible to draw additional images onto the optic nerve, such as alpha-blended heads-up annotations, rendering augmented reality directly onto the optic nerve.
I spoke with a surgeon at the University of Florida working in pain management who told me of an implanted mat that wraps around a part of the spine in a way that interfaces with nerves targeting a specific locus of chronic pain, such as a joint injury. The mat can be remotely programmed to provide varied modulation of the nerves to assist in pain relief. When I suggested it won’t be long before you can control your pain management mat with your iPhone he didn’t even blink, saying simply “Oh, yeah”. Remote microcontrollers are extended by the supercomputers in our hands and will draw 3rd party services into this new relationship.
These somewhat rudimentary examples are notable not only because they signal the evolution of implantable medical devices to include wireless components and over-the-air authentications but also because they illustrate the flow of capital investments into such technologies. The past 10 years have shown countless research papers published out of labs working to bring more sophisticated microcontrollers into alignment with real-time remote communication protocols. Now this research has moved out of the labs as viable commercial applications finding their way into our bodies. On the wave of capital flowing from the aging Boomer generation ride innumerable start-ups seeking funding rounds to finance their biomedical devices. As this young industry matures, regulatory agencies and standards bodies are taking notice.
To manage the frequency needs of these new connected implants the FCC has proposed to set aside a spectrum of wireless bandwidth reserved specifically for their use.
The IEEE recently published a new standard, IEEE 802.15.6(TM)-2012, “optimized to serve wireless communications needs for ultra-low power devices operating in or around the human body”. The Department of Homeland Security’s National Cybersecurity and Communications Integration Center (NCCIC) published a report provocatively titled “Attack Surface: Healthcare and Public Health Sector” offering guidance for addressing the apparent oncoming onslaught of hackers seeking to compromise our implants. Offering a bit of a twist on implant-enabled attack surfaces, the TSA recently diverted a US Airways flight when a passenger told a steward that she had special needs due to a surgical implant.
It seems the TSA is growing concerned about implanted explosive devices. No doubt additional regulatory structures will evolve to address wireless implant tech, though such controls may not reach the back-alley biotech shops in Bangalore, Lagos, São Paulo and similar destinations across the developing world less encumbered by such oversight.
Wiring up our medical implants to remote processes provokes discussion of many significant implications. Security is obviously a concern and the recent movement of government agencies to address the issue reinforces the imminence of its arrival while hopefully reassuring potential recipients that such devices will be adequately secured and quality-controlled. As we instrument ourselves and connect to standard digital communication protocols, 3rd parties will inevitably move into the interstitial space. While some may be malevolent, many will be motivated by the same somewhat uneasy combination of self-interest and do-gooder-ness that drives the rest of our economy. Service layers will be built to manage the patient-implant-doctor relationship, enabling more precise on-demand control while sending real-time data to medical analytics dashboards. Messaging will pass event commands to your devices and notifications to your doctors. As this data flows off of 3rd party micromachines and through 3rd party service providers, questions of data access & ownership will further erode the boundaries between our bodies and the web of information in which we’re embedding.
Like all good service platforms, APIs will be developed around these device-data ecosystems to make them standardized, interoperable, and social. It’s safe to assume that some sort of mobile application layer will evolve to give us greater insight and more immediate control over our biological processes. Inviting the Internet of Things into our bodies may very well reveal much more information about physiology and biochemistry while potentially opening up entirely new behaviors & capabilities. Efforts in brain-machine interface are opening up the likelihood of bionics to replace lost limbs and to overcome motor disorders. As neural implants mature and the precision of their capture & transduction capabilities converges with wireless communication, how long might it be until we have some rudimentary degree of telepathy based simply on familiar HTTP & REST protocols dancing across the FCC-approved wireless implant spectrum? Will a time come when we fall asleep counting electric sheep streamed directly into our brains from the devices on our bedside?
It’s worth considering those who are already moving into this new relationship, like Cathy Hutchinson who recently overcame 15 years of paralysis by using her mind alone to direct a robotic arm to deliver a cup of coffee to her lips. What sort of future cybermorphology might she be stepping into? Might the aging western nations invest their 1st World retirement savings into biocybernetics, stepping away from the un-augmented masses across some future transhuman gap?
Computation has reliably gotten smaller and more powerful, instrumented with greater capacity to sense surrounding conditions and to communicate across the air with a global mesh of sympathetic devices. We now hold incredible amounts of computational power in our hands and these devices sit adjacent to literally billions of sensing & communicating microcontrollers embedded into infrastructure, machines, tools, goods and garments. On top of this mesh we’ve built vast service layers to stretch greater utility across their abstracted functional landscapes. Our never-ending medical needs seem to compel us to draw these solutions into our own bodies in hopes of some great cybernetic control to stave off infection, malaise, chronic suffering, and untimely demise. As we grow more comfortable with them we’ll inevitably begin self-tuning for optimizations, enhancements, and special powers. Yet, if we are to jump into the technological convergence, instrumenting and extending and connecting ourselves through a sort of soft machine hybridization, network security will be only one concern on the road to a new form of humanity that may challenge our very notion of what it means to be human.
Chris is a researcher at the Hybrid Reality Institute. He is an independent researcher, analyst, and innovation strategist in the San Francisco Bay Area. Follow him @chris23