Hacking humans with nanotechnology may sound like a concept from a futuristic science fiction novel or movie, but the truth is, it's not that far off and it could be the next big cyberthreat. If you thought data breaches involving your social security number or credit card information were scary, imagine the ramifications nanotechnology hacking.
What is Nanotechnology & Hacking Humans with Nanotechnology?
Technically speaking, nanotechnology is any technological endeavor that deals with anything with a dimension of less than 100 nanometers. That is very small. For comparison, there are 25,400,000 nanometers in just one inch. Much of this scientific and technological field focuses on working with atoms. While the concept was first brought to light in the late 1950s, it wasn't until the late 1980s that technology advanced enough to actually allow scientists to work in such a small field.
Nanotechnology has several applications. Food, technology, fuels, batteries, environmental causes, chemical sensors and even sporting goods have already benefited from nanotechnology, and will benefit even more in the future. However, the medical field is one of the most exciting for nanotechnology at the moment, though most developments are still in the experimental phase. With these developments comes the ever-present technological risk of hacking.
How is Nanotechnology Used in Humans?
In the future, nanotechnology will be used for incredible purposes. One possibility still being researched is building new muscle with carbon nanotubes. Scientists at IBM are also working on using nanotechnology to analyze DNA in just minutes (instead of weeks) to treat cancer patients with a customized treatment plan. Other medical technology experts are exploring using nanotechnology to send treatments like chemotherapy or vaccines to target specific types of cells in the body. Experimental nanosponges are being tested to absorb toxins in the body, and there are several different nanotechnology projects in experimental phases that seek to hyper target treatment to cancer cells. It is also being explored as an early diagnostic tool to detect cancers and infectious diseases long before our current technology is able. Some nanotechnology ideas include a tiny device that gets injected into the body as a sensor or medical delivery device. This all sounds positive, but there is a downside too.
Is Medical Technology Secure?
Now that we are entering a new era of medical nanotechnology, scientists need to make sure treatments are not only effective, but secure. Many experimental treatments are, after all, electronic medical devices, just on a smaller scale. These tiny devices are typically controlled by a program on a traditional electronic device like a computer, smartphone or server, meaning they could be very hackable. Some digital security experts posit that a single nanoparticle in the body with it's own processor could be hacked, but they also say that if someone had more than one particle in the body, which many treatments would require, a hacker could theoretically turn them into a network in the body, using the body's own systems to communicate and do their bidding.
It might sound like nanotechnology hacking will happen far into the future, but some experts believe some experimental nanotechnology medical treatments will be in use in just two years. Additionally, medical technology already in use today has already been proven hackable. Johnson & Johnson advised users of one of its insulin pumps to not use the remote control feature of the device, and to make sure to set a maximum insulin dose in case of hacking. Recently, the FDA recalled 500,000 pacemakers due to the risk of hacking. In 2015, researchers were able to hack into and deactivate a pacemaker set up on a mannequin, proving these are much more than fears: they are an inevitable reality.
One of the most obvious and dangerous applications for biomedical hacking is ransomware. Nowadays, if your computer gets infected with a ransomware virus, you may have to pay a fee via Bitcoin to get access back to your data. However, when it comes to biomedical hacking, the applications could be much more deadly. If a hacker took over your inner nanotechnology devices, they could demand a ransom with fatal consequences. If you're unable or unwilling to pay, they could easily turn your body against you and at the very least make you suffer or get sick, if not kill you. This type of attack is already having an effect on our medical systems. Recently, the famous Hollywood Presbyterian Medical Center was forced to pay around $17,000 in Bitcoin to regain access to all the data and systems in the hospital after a ransomware attack.
It may also be possible for unsavory characters to use nanotechnology itself against their enemies, not only in hacking attacks. One of the most exciting applications of nanotechnology is inhalable particulate powders developed to directly treat the lungs. These particles can work together to form an artificial cell to do a certain job. Some worry this technology could be an easily weaponized delivery method for bioterrorism efforts, beyond the hacking dangers. Getting infected with something could be as simple as breathing the air, taking a shower or getting a regular vaccination from your doctor.
What Can Be Done to Mitigate Risk in Nanotechnology?
While hacking nanotechnology maliciously may be cause for concerns about security, the technology itself is already being used to fight bioterrorism. Magnetic nanoparticles can be used not only to detect and even remove harmful bacterial infections on food, but the same technology can be used to detect bioterrorist attacks of diseases like anthrax.
However, the most powerful thing that needs to happen to lessen the risk of hacking with nanotechnology is legislation to regulate the types and strength of security required on nano medical devices, and even the function of devices that will be allowed. Much of the risk at the moment comes from the excitement and rush to get the most advanced technology to the table first, meaning thoughts of security may get left behind.
Medical device manufacturers who wish to ensure that their devices are not likely to get hacked should do proper penetration testing. This type of testing exposes and evaluates the risk of hacking increase the safety of medical devices and the programs or applications that accompany them. It may be uncomfortable to expose the vulnerabilities in your medical products, but that is the first step towards fixing any vulnerabilities.
What Do We Call This?
There are several terms that you might think have to do with hacking medical and nanotechnology, but the truth is, we don't yet have a term for this specific set of actions and topics. Perhaps one will develop in the future as they become more prevalent in everyday medical use. For now we can use the terms nano-medical technology, nano-medical hacking and others that truly describe what it is until something else comes along.
Biohacking: The term biohacking sounds like the perfect term to describe hacking medical technology, but it actually refers to "do-it-yourself biology." This is a self-improvement technique that uses diet, exercise and mental techniques to "hack" the body to improve mood, health and overall life satisfaction.
Neobiology: This term does get closer to the matter, but neobiology generally refers to any new advance in biological technology. Nanotechnology and medical device hacking would certainly fall under this umbrella, but the umbrella is very large. Other things like indoor farming, "designer" babies, and other modern biology topics would also apply. It has been used to refer to biological hacking, but mainly refers to anything modern and technological that also has to do with biology.
Internet of Things: Medical devices, including ones using nanotechnology, certainly fall under the internet of things. This means any device, medical or non, that is connected to the internet. It could be your coffee maker that you can set using a remote app or your digital assistant. However, the Internet of Things is also a broad term that, while it encompasses the medical technology we discuss here, doesn't specifically define it.
Wannacry crippled many healthcare providers.
How Real is the Risk?
While technologists have successfully revealed that several different medical devices currently on the market can be hacked, has there been a true case of medical device hacking? The answer at this point is not clear, but there has certainly been crippling hacks of medical centers, like the aforementioned Hollywood Presbyterian Medical Center attack. Additionally, 2017's extremely widespread Wannacry ransomware attack severely affected the UK's National Health Service, affecting their ability to provide care, and costing them a lot of money. It also allegedly affected some medical devices as well. However, it also affected networks and devices in all industries, including transportation, telecommunication and manufacturing on 200,000 machines in over 150 countries.
At this point, the risk seems to be mostly theoretical, though it is just a matter of time before black hat hackers pick up on what white hat hackers have been researching and trying to prevent. The other danger is that in one study, doctors implicitly seem to trust medical technology and are not able to recognize when a device has been hacked in a test. Hospitals are also known for not updating their products unless they do not work of have been officially recalled. One cyber security expert was appalled to find his own daughter had been hooked up to a device he knew was not secure, and had been recommended to be put out of use, while he went home to get her some pajamas. Some of these medical devices are even too old to fix with a patch to update any security flaws in the software.
Some experts believe it is only a matter of time before something fatal happens involving the hacking of a medical device, and that only then will medical providers and legislators take this issue seriously.
How to Get Medical Devices Properly Tested
As mentioned before, penetration testing is one of the best ways to find vulnerabilities in medical devices and ensure that your products are as secure as possible. Alpine security offers a full-range of penetration testing, including in the medical field. Alpine guarantees the results on the test, and the team is highly experienced and certified. With remote and in-person testing options, it's easy to get your products tested to ensure you offer the best in security to clients and users. As nanotechnology becomes more prevalent, penetration testing in the medical field will become even more important due to the aforementioned risks associated with the powerful applications.
No comments:
Post a Comment