A recent study shows that the hackers can guess the passwords of users by supervising their thoughts. The study also indicates that brainwave-sensing headsets need better security.
Electroencephalograph (EEG) headsets permit users to manage robotic toys and video games with the mind.
PhD student Ajaya Neupane, who was included in the experiment, has used one EEG headset presently obtainable online and one clinical-grade headset used for scientific investigate to display how easily a malicious software programme could passively eavesdrop on a user’s brainwaves.
Nitesh Saxena, associate professor from University of Alabama, “These emerging devices open immense opportunities for everyday users.”
“However, they could also raise significant security and privacy threats as companies work to develop even more advanced brain-computer interface technology,” said Saxena.
Saxena also said, “In a real-world attack, a hacker could facilitate the training step required for the malicious programme to be most accurate, by requesting that the user enter a predefined set of numbers in order to restart the game after pausing it to take a break, similar to the way CAPTCHA is used to verify users when logging onto websites.”
According to reports, “During the study, the researchers asked 12 people to type a series of randomly generated PINs and passwords into a text box as if they were logging into an online account while wearing an EEG headset, in order for the software to train itself on the user’s typing and the corresponding brainwave.”
The team found that, after a user entered 200 characters, algorithms within the malicious software programme could make educated guesses about new characters the user entered by monitoring the EEG data recorded.