Following our latest blog on the Cyberbiosecurity and the threat landscape, it is time to study a bit more on the hacking methods and some types of bio technology devices, which will have big impact on humanity once hit by malicious hackers. Nowadays, people get more and more informed regarding risks and vulnerabilities in cybersecurity and aware of how to use safely computers and smartphones. Just like hackers use ransomware to hold computer files hostage till a ransom is paid, hackers could blackmail and hijack people with implanted medical devices like pacemakers, bionic body parts or reprogram and damage DNA synthesizers, to make virulence genes.
Cyberbiosecurity aims to:
- Identify and mitigate security challenges and risks occurring from the digitization of biology and biotechnology automation,
- Develop and implement safety controls and measures,
- Understand the bio sciences specific risks and cyber threat landscape.
According to recent researchers, the biotech industry is not outside the scope malicious actors. Several criminal cases concerning sabotage, corporate espionage, and extortion, state that most people in the life-bio sciences are not deeply aware of the dangers and consequences.
Biohacking grinder and Hacking examples
Blood test implant
This implant aims to monitor the human body, and focuses on human blood tests. The implant has five sensors, a radio transmitter and one basic power system. This device will monitor substances and quantities of different element in the human body. Following the blood test, the implant will transmit data via Bluetooth to doctors or medical laboratories. The blood test implant could be hacked with via an SQL injection attack. During this attack, hackers use SQL code to manage databases backend data so that they can access the system and retrieve critical data. An Nmap attack is also applicable in this case, for seeking, identifying, finding and recording information of the information system.
This is a body modification implant, which fits in the wearer’s eye, and is allowing people to perceive color through sound waves. This process aims to improve the quality of life of people who have serious visual problems. The chip records and retransmits images and sounds to a computer. This implant could be attacked using Man in the middle attack (MITM), in which case the hacker uses a program to get in the middle of the ‘conversation’ between the user and the application (perceiving IT system), and extract or process information.
As in the previous case, the main goal of these inventions, is improving the lifestyle of people with visual or impairments. Perceiver will be able to understand colors through vibration, using a camera extension on the human head.
The North Sense
This is an implant on the surface of the skin. It aims to indicate through some specific vibrations any magnetic fields near the perceiver. This implant could be hacked by a worm attack, which is a type of malware, retransmitting copies to the attackers computer.
People suffer heart conditions, (heart not beating at normal rhythms), usually have a pacemaker, which is a medical device that generates electrical impulses delivered by electrodes to cause the heart muscle chambers to contract and therefore pump blood. That way, the pacemaker replaces and/or regulates the function of the electrical conduction system of the heart. A hacker, through could interfere within the communication between the pacemaker and the doctor or hospital’s software who is receiving the information. It can be reprogrammed to bringing negative effects to the person using the pacemaker or even shut it down with catastrophic results.
Nowadays, the use of Smartwatch is very common. Smartwatches are usually connected to the user’s mobile phone and can display calls on its screen, messages, images, heartbeat, pulse and more. Hackers can take advantage of these devices’ vulnerabilities, and access to sensitive data. Through these vulnerabilities, hackers can record conversations and edit the GPS tracker. These attacks can be performed via the Bluetooth connection of the smartwatch with the SIM card of the mobile, but also with its connection to public Wi-Fi.
Hacking a bio-device..
In addition to the use of the above bio technology methods, which mainly aim at improving the life of the people, there are big risks for improper use. Hackers can access machines and intercept and modify data of the people using them.
- By scanning the IP address of the device, an intruder could apply a penetration testing tool to steal data recorded in the system. For example, through the Nmap attack, the hacker can enter the system, scan sensitive data, and process them.
- By using malware, the hacker intends to encrypt and intercept information and content, and consequently gain access to valuable data, related to human health.
- Attack via jammer technique. Through this, hackers can determine the function of a human biohacking device. It is possible to change the settings, but also turn it off, endangering the health of patients and users.
- A hospital having access to biotechnology devices or patients’ information within their computer system, is of utmost severity. A less secured software gives the ability to hackers to enter data bases and extract very important information of people who using such devices.
Awareness of the cyber security dangers especially in health-bio science related fields is really important, even if they seem a bit far for the majority of the people! Logstail is here to help companies and organisations monitor and secure their systems and applications, providing assurance that all data and information remain safe!
Our cloud-hosted solution with advanced features brings the functionality of centralised monitoring to your hands. Convert your data into actionable insights and maximize the performance of your infrastructure, or be notified of potential problems and take the appropriate actions. Sign-up for a free demo in order to realize the power of Logstail! Logstail will re-adjust the way you monitor your data and will help you get more meaningful insights of your technical logs, via dashboards and powerful graphs, to stay alert for all possible dangers.
In Logstail we are also offering the full range of services required to effectively mitigate cyber-attacks. Incident response and consulting, penetration testing and red team operations are altogether aiming to help our customers mitigate their cyber incidents. Contact us at email@example.com to get a tailored offer for your business or get a free consultation by our team of globally recognized security experts!