Hacking the Six Million Dollar Man
- By Winston Thomas
- November 29, 2022
The future of man is about to face a cybersecurity reckoning.
A new trend — biohacking — is seeing individuals wiring themselves to become interfaces to a wired world. Yet, using the body as a tether to an insecure internet where hackers roam and malware prowl is getting many to question whether the world is ready.
We can’t wait for legislation — we are still debating where to draw the line between freedom of speech, personal privacy, and national security.
So the onus is on the biohacker to protect himself, herself, or themselves. But is that enough? Whose fault is it when a biohacker becomes a vector? And who will you defend if the data in your implants get locked and ransomed?
“I think we're coming up to a very critical point in the evolutionary journey of humans and technology,” says Len Noe, CyberArk’s technical evangelist, and resident white hat hacker.
Transhumanity
When you mention biohacking, tech-savvy futurists tend to think about manipulating genetic material and changing their bodies for longevity or doing something humanly impossible.
Biohacking is viewed as DIY biology on the other end of the spectrum. It can be as non-invasive as changing your diet, or it can mean inserting implants under the skin or on specific body organs.
The truth is somewhere in between.
In some ways, we are already manufacturing “six million dollar men.” Permanent artificial hearts are now real science, and using prosthetics is becoming an accepted social norm.
Many of these efforts are seen as fixes to defects or accidental injuries. But in the future, as biohacking catches on and becomes fashionable, people will do it voluntarily — akin to getting a tattoo.
Noe, who is passionate about the implants underneath his skin, says biohacking has already entered the cybersecurity space. “There are some pen testers in the U.S. that I know personally who have these types of implants to do Red Team engagements,” he shares.
Red Team engagement is when penetration testers are tasked to hack into a network and capture valuable data using whatever tactics necessary.
“But the fact that I can do it, and I know that red teamers are doing it, leads me to the conclusion that it's feasible and provable that it can be done.”
That’s all nice if your red team is composed of white hat hackers like Noe. But what if it is a black hat?
Skin deep
Noe has a unique perspective on black hat hackers. He was, after all, one.
His family turned him white. “When my first grandchild came along, it was kind of one of those pivotal life-changing moments in my life,” Noe adds.
Becoming a white hat hacker was not a gradual path. “It was a mind shift; there was no black to grey to white.”
For Noe, curiosity drove him into hacking.“For me, it’s always been about solving a puzzle,” he explains.
So, it’s no surprise that Noe started hacking himself. So biohacking himself was just the next step to quenching his desire to solve puzzles.
The community, while small, is growing fast. Noe cited Dangerous Things, the company where he gets his implants, on how widespread biohacking is.
“There have been over 300,000 implants sold since his company's creation in the U.S. So I can tell you that at least 300,000 units are floating somewhere in the country,” Noe observes.
And that’s only one company.
The implants are silicon-based or use biomembranes. So, Noe can walk past most scanners tuned not to beep when you’re wearing thin metallic chains.
“I can fly nationally almost on a weekly basis. But one thing that people fail to realize is that the laws are different in different places,” Noe points out.
It’s not a stretch of anyone’s imagination that a black hat with the right implants can walk past physical security and hack into a system. And if identified, the malicious biohacker can say that HIPAA medically protects these implants.
But for Noe, such thinking is missing the point. Hackers, he says, are always finding the easiest route to get a maximum return or do damage.
“People don't really do a security test for a lot of the cameras that they buy. So they could be walking vectors; they can be compromised. You don’t have to be a biohacker to become one.”
Personal matter
The future will be very different, says Noe.
As more people augment themselves with implants and laws preventing or safeguarding them remain non-existent or weak, cybersecurity fears will become personal nightmares.
New scientific development is making the economic case for hacking biohackers more lucrative.
He discussed using CRISPR technology to repair genetic mutations that cause retinitis pigmentosa (RP). “So, we're becoming, in my opinion, designer human beings. And I think [designer human beings] will break into a couple of different factions.”
Scientists are also looking to use DNA to store data, a practice captured in the 1995 cyberpunk film Jonny Mnemonic.
“One gram of DNA will actually store over seven petabytes of data with a data retention of at least 125 years provided you have the right environmental conditions,” shares Noe.
Like Johnny, hacking stored information for nefarious purposes or locking it up for encryption for ransom is not far off.
Then you have Brain Computer Interfaces (BCIs) then allow you to control digital environments with the power of thought. Initially used for helping paralyzed people, today, companies use it for various activities — from understanding employees' mental health to creating “passthoughts” for security and controlling robots.
For Noe, biohacking is part of natural human progression. “If we look at it, what was considered revolutionary medical science 100 years ago? It was a lobotomy!”
When biohacking becomes common, and there’s real money to be made, you can bet black hat hackers will seize the opportunity.
Distrust era
But not yet, says Noe. “It also comes down to a return on investment question. The returns of ransoming encrypted data or trading verified bioinformation is more lucrative. Hacking a single [transhuman] is not — at least not yet.”
While the biohacking community is growing fast, it is also still small. It is still considered fringe science and not worth the attention for many hackers.
The implants are also basic. “The current technology for consumer-grade implants is very limited in scope. So we can do pretty much RFID and NFC and subcategories of those two frequencies,” Noe explains.
However, Noe believes attitudes toward biohacking will change. “Everything is science fiction until it isn't,” he adds.
When biohacking stops becoming science fiction, we need to address the security implications from personal points of view.
Noe adds that the lessons learned protecting end devices and cloud-based IoT devices will help as he views biohacked individuals as living and breathing edge devices.
Instead of putting rings of perimeter defenses, the zero trust model shows how biohacked individuals can secure themselves. Making the zero trust model part of our lives needs some reverse social engineering, though.
“Most adversaries are very, very opportunistic. So that's where that defense in depth and layered security approach comes in,” Noe advises.
What worries Noe is the development of AI. While he applauds its progress, he worries how deep fakes, AI adversarial algorithms, and AI-driven malware that can continuously prod individual defenses for holes can compromise implants.
Such a future is not far away. Noe hopes governments and the security industry would have gotten their act together by then.
If not, going on your next date may turn out to be your worst security nightmare.
Winston Thomas is the editor-in-chief of CDOTrends and DigitalWorkforceTrends. He’s a singularity believer, a blockchain enthusiast, and believes we already live in a metaverse. You can reach him at [email protected].
Image credit: iStockphoto/ robypangy
Winston Thomas
Winston Thomas is the editor-in-chief of CDOTrends. He likes to piece together the weird and wondering tech puzzle for readers and identify groundbreaking business models led by tech while waiting for the singularity.