Can Your Body Be Hacked?

Photo by ra2studio/iStock / Getty Images

For better or for worse, if you are talking about the Internet of Things (IoT) you can put into your body, the answer is probably yes.

The glass half-full side sees only up-sides for body hacking. Budding DIY cyborg wannabes are experimenting with embedding near field communication (NFC) chips into their wrists to unlock their doors or bio-friendly magnets into their fingertips, presumably to pick up a few extra bucks on bar bets about their X-Man Magneto-like mutant powers. Tech Insider’s Cadie Thompson gathered a few more examples in her roundup on body hacks.

On the dark side, it is not a big leap of imagination to go from last year’s sensational reports on car hacking to medical devices. Just a year ago, on the eve of Black Hat 2015, Wired’s Andy Greenberg published the sensational article, “Hackers Remotely Kill a Jeep on the Highway—With Me in It.”

In a similar vein, researchers from Symantec found potentially deadly vulnerabilities in dozens of devices such as insulin pumps, x-ray systems, CT scanners, drug refrigerators and implantable defibrillators, as reported in “The Internet of Things" section of Symantec's 2016 Internet Security Threat Report.

For their part, government agencies take security around IoT seriously. This spring, the Federal Bureau of Investigation, the U.S. Department of Transportation and the National Highway Traffic Safety Administration jointly issued a warning on the dangers posed by hackers or even terrorists taking control of a motor vehicle remotely. The agencies cited the recent success of security researchers to remotely initiate several actions on a moving car, such as shutting the engine down, disabling the brakes, and affecting the steering.

Nothing comparable has been issued on medical devices by federal agencies, at least not yet.

Most people probably don't know much about the actual state of security in IoT devices, but 70 percent do agree on one thing—they don’t trust it. See our post, “In IoT We Trust. NOT.”

Even for industry insiders, it is a new and emerging topic, one of the primary reasons the Smart Card Alliance has recently launched the Internet of Things Security Council.

It is a story experts in smart card technology know well, and have had to address in industry after industry. From the now ubiquitous SIM cards in mobile devices that enable private, secure communications to the chip technology required by the global electronic passport standards to EMV chip cards for payments, the global suppliers of smart card technology have an established record of accomplishment in securing devices worldwide for more than two decades.

The answers to securing IoT will likely have their roots from those providers of these same technologies.

If you're looking for a forum where all the stakeholders can work together to solve the privacy and security problems facing IoT, and to create an effective ecosystem across all of the stakeholders, check out the Smart Card Alliance’s new Internet of Things Security Council.