Computer viruses are not exactly a new phenomenon. Neither are human viruses. But don’t you think it would be a little strange if a computer came down with the sniffles, or if you contracted a trojan (and I’m not talking about the latex kind…)? Well, your PC isn’t likely to be allergic to pollen or pet dander any time soon (although you should clean the fan every few months just to be sure), but it is now possible for you to contract a computer virus. Thanks to the wonderful word of microchips and RFID, everything from your Grandma Rose’s pacemaker to your ID badge at work could become infected.
When you think about it, it’s not really all that mind-boggling to think that these little gadgets and gizmos can get infected. They are, after all, just other forms of computers and communication. I’m amazed it’s taken this long for someone to figure this out, actually.
Mark Gasson is a researcher at the University of Reading, and he has become the first person to be infected with a computer virus. He did so by implanting a tiny RFID chip in his hand, and then writing a malicious code to put on it. He then scanned it with the reader typically used for the ID badges at the college. When the reader reads his chip, the virus is transferred to computer database that controls which employees get access to which parts of the building/campus. When other people scan their badges, those badges are now infected and will pass the virus off to all other RFID scanners it comes in contact with. Not only that, but it could also be used to collect and transfer data from the employees’ accounts and give it to Gasson whenever he scans his card. Ultimately, Gasson could end up with access to every locked door on the premises.
This is a relatively harmless implementation, but it shows that wireless implants and computers can be used infect each other. As things like pacemakers become more evolved, it could be possible to infect them, as well as a host of other devices and implants in the body. Thinking about the possibility of a denial-of-service attack on a pacemaker or brain stimulator doesn’t exactly brighten my day…
As an Information Security major, I am really hoping this threat doesn’t amount to anything, because it seems like it would be a royal pain in the butt to deal with. Of course, as the threats become more and more real, I have no doubt that we will find replacements for things like RFID chips/readers, and find ways to secure the chips that are implanted in our bodies/clothes/pets/phones/EVERYTHING. I think it will be really interesting to see how this all pans out in the coming years. I also think that releasing this story and information was a stupid idea. It doesn’t really benefit the general public, and opens up a whole new world of possibilities for would-be hackers who may or may not have ever thought of it, or at least not for a while.
This is where I hope that none of our readers are evil-minded code-monkeys, because if they are, I just made the problem worse. Sorrrryyyyyyy. 😉