Hackers Could Soon Be Using Brain Waves To Steal Passwords
NewsPrivacy and Security July 13, 2018 Euan Viveash
As the pace of technology quickens, new research shows that specialized headsets that utilize brainwaves will need better security to stop hackers from stealing passwords and other sensitive information.
A new study by researchers from the University of Alabama has revealed that Electroencephalograph brainwave sensing headsets, or EEG headsets for short, will need to have the same level of security as other devices such as phones, computers and wireless networks, to stay safe.
The study, whose official title is PEEP: Passively Eavesdropping Private Input via Brainwave Signals has shown that hackers could use brainwave patterns to successfully crack users’ passwords by monitoring the brainwaves being transmitted through the headsets.
While there are currently only a handful of EEG headsets available on the market, the advent of Virtual Reaity headsets, hardware companies are competing fiercely to develop a mainstream device that can be used in video-games and other fields.
“These emerging devices open immense opportunities for everyday users,” Nitesh Saxena, an associate professor in the UAB College of Arts and Sciences Department of Computer and Information Sciences said. “However, they could also raise significant security and privacy threats as companies work to develop even more advanced brain-computer interface technology. In a real-world attack,” Saxena continued, “a hacker could facilitate the training step required for the malicious program to be most accurate, by requesting that the user enter a predefined set of numbers in order to restart the game after pausing it to take a break, similar to the way CAPTCHA is used to verify users when logging onto websites,” Saxena said.
The research team used 12 volunteers wearing a currently available EEG Headset to type a pre-set list of randomly generated PINs and passwords into a text box as if they were logging into an online account. While they carried out the task, specialized software monitored them, training itself to recognize individual users typing and the corresponding brainwave. After only a short time, the software was able to make sufficiently educated enough guesses to shorten the odds of a hacker’s guessing a four-digit numerical PIN from one in 10,000 to one in 20 and increased the chance of guessing a six-letter password from about 500,000 to roughly one in 500.
“It is important to analyze the potential security and privacy risks associated with this emerging technology to raise users’ awareness of the risks and develop viable solutions to malicious attacks,” Saxena also said.
One way of offering a potential solution by the Alabama based scientists could be to add ‘noise’ whenever users type passwords or PINs while wearing an EEG headset.
Don’t have an EEG headset but still worried about security on your computer? No? You should be! Take a minute and make sure you’re secure by downloading some security software right here on FIlehippo.com.
Oh, and if you’re thinking about watching the World Cup finals this weekend, why not protect your network and stream the matches live by using a VPN.