Biological sabotage campaigns and anthrax attacks: bioterrorism in the past
Although the term bioterrorism was coined in a book entitled Killing Winds by Jeanne McDermott only in 1987, in its modern meaning – so not looking at such ancient examples as when the German tribes poisoned wells to thwart the Roman invasion – it goes back at least to the First World War. At that time, Germany launched a biological sabotage campaign in the United States, Russia, Romania and France with the overall purpose to infect animals such as cavalry horses or mules with e.g. glanders.
Later on, the use of biological weapons was not only limited to animal populations, but these were used to cause harm to people. One of the most famous attempt for a bioterrorist attack was carried out in Japan in the 1990s – and blissfully not a single person got hurt. The religious cult Aum Shinrikyo released anthrax in the subway of Tokyo in June 1993, however they used vaccine strains which are missing the genes that cause a symptomatic response. Although two years later, the group went down again: it attacked people in the Tokyo metro lines with chemical weapons (sarin gas), which resulted in the death of several innocent passengers.
Also, in the wake of 9/11, there was a wave of anthrax attacks which diverted the attention of the public towards bioterrorism as a new weapon in the arsenal of terrorists. A US federal prosecutor later found that a US army biological researcher was responsible for mailing anthrax-laced letters which killed 5 and sickened 15 people in 2001. The cases generated huge media attention and the fear of a new kind of terrorist warfare.
Although bioterrorism, by definition, involves biological agents such as bacteria, virus or toxins which are released with the intention to cause harm: illness or death in people, animals, or plants, I think with the advances in medicine, healthcare, biology and life sciences in general, we will have to adopt a new definition. Anything related to a living organism can be used for harmful purposes. The use of new technologies proves this point.
Existing technologies for bioterrorism
With the advance of technology, medical devices are more and more interconnected and use more and more patient data. On the one hand, it is a positive development, on the other, it causes a serious security challenge. Fortunately, there are no examples for actual abuses of medical technology of this kind, however, we should familiarize with the existing dangers to be able to avoid the pitfalls with potentially lethal consequences.
The Achilles’ tendon of diabetes patients: insulin pumps
In 2011, a researcher from the McAfee tech company demonstrated at a conference in Miami how insulin pumps might be hacked to deliver fatal doses to diabetes patients. Software and a special antenna designed by him allowed for locating and seizing control of any device within 300 feet. The possibility of hacking insulin pumps is scary to say the least. According to Forbes, the problem is that medical professionals are either not aware of security risks or (naturally) do not have IT skills to ask the “sensitive” questions, and while medical devices are becoming more and more networked, security requirements are not keeping up.
Might terrorists mess with our bodies and our brains?
And it is not only an issue for insulin pumps. Security threats are prevalent in the case of X-ray systems, blood refrigeration units, CT scanning equipment, implantable cardioverter defibrillators (ICD) or implantable neurological devices.
Researchers found that neural implantable devices hold the potential to improve many patients’ lives dramatically, but unfortunately, there is no guarantee at the moment that neural devices are robust against adversarial entities trying to exploit these devices to alter, block, or eavesdrop on neural signals. And previous examples show that ill-intentioned individuals might have no qualm whatsoever in exploiting such loopholes.
In November 2007 and March 2008 individuals placed flashing animations on epilepsy support websites, causing some patients with photosensitive epilepsy to experience seizures. And imagine what could happen if prosthetic limb systems will allow physicians to connect wirelessly to neural implants to adjust settings or deep brain simulators which can treat Parkinson disease or chronic pain and devices for cognitive function augmentation. Imagine what could happen if hackers decide to bombard the brain through these simulators with random signals or would interfere with the normal formation of memories. Such interference with individuals’ brains might result in irreversible consequences.
And what about our hearts? Is hacking pacemakers possible?
One year ago, researchers at the human simulation program of the University of Alabama were able to wirelessly hack a pacemaker, and to successfully launch brute force and denial of service attacks being able to virtually kill an iStan patient – the most advanced wireless patient simulator. And why should anyone care that a simulated human can be hacked? Because of the dreaded ripple effect. According to the researchers, “If medical training environments are breached, the long term ripple effect on the medical profession, potentially, impacts thousands of lives due to incorrect analysis of life threatening critical data by medical personnel.” And if you still have some doubts, just ask former US Vice President, Dick Cheney, whose doctors in 2013 disabled the wireless program in his pacemaker because of concerns that a hacker might use it to deliver a fatal shock to his heart.
And such fears are far from being overstretched. An American Action Forum report indicates hacks concerning the electrical medical records (EMR) – thus the first step towards medical/bioterrorism through technology – have more than doubled since 2014, with more than 94 million EMRs being compromised. These breaches have cost the American healthcare system an estimated $50 billion. And the non-financial consequences might be even more serious. I believe if we do not pay more attention to the IT security aspects of interconnected and data-driven medical devices, we might easily find ourselves in situations such as the one in the US television series Homeland where the US Vice President was killed through manipulation of his pacemaker.
The dark side of future technologies
As you could see, there are already tangible dangers of using effective medical devices for destruction instead of healing. And imagine how far technological development might get. Here, I compiled a list about the possible technological devices and medical developments affected by the same security concerns in the future. I believe that we will have to find the right answers for every security and privacy concern before technology will be used widely.
Might chips and implants lead to brain damage?
Brain implants will be able to empower humans with superpowers from our wildest dreams. We all might become supermen and superwomen with the help of chips which allow for hearing a conversation from across a room, give the ability to see in the dark, control moods, restore memories or “download” skills such as in The Matrix movie trilogy. However, as I mentioned before, implantable neuro-devices might become dreadful weapons in the hands of the wrong people.
When we have implanted microchips in the brain to enhance cognitive capabilities, this could become a platform for hackers to cause damage from a distance. They could turn on functionalities, simply turn off devices or bombard the brain with random, useless or harmful messages.
Could health sensors under the skin and in our bellies cause harm?
As the medical wearable and sensor market is booming, it is logical to think ahead, what might follow the “wearable revolution”. I believe the next step will be insideables, digestables or digital tattoos.
Insideables mean devices implanted into the body or just under the skin. There are people already having such RFID implants with which they can open up a laptop, a smartphone or even the garage door. Swallowable “digestables“, pills or tiny gadgets could track digestion and the absorption of drugs, while digital tattoos might easily measure all fundamental health parameters and vital signs. Such teeny-tiny devices might be misused by allowing them to infuse lethal drugs into the organism or by stripping off the person of his privacy. That is the reason why it is of utmost importance to pay attention to the security aspect of these devices – since they can be vulnerable to attacks and our lives will depend on the safety precautions of the company developing them.
Could 3D-printed organs be medicine’s black market?
The issue will not be whether 3D bioprinting human organs can solve organ shortages, or whether it’s affordable or whether it’s disruptive enough. The question is how the bad guys will find ways to use these technologies in unsafe, unregulated ways. My concern lies in the languorous workings of today’s medical regulatory bodies. If 3D-printing technologies arrive and are disseminated quickly, then healthcare providers will flood the market with affordable and potentially miraculous treatments. If they arrive in fits and starts, other interests will try to plug the gap. Like always, there are illegal ways of getting organs to people in need, and when bioprinting becomes mainstream practice in medicine, then the bad guys might come up with solutions themselves.
Alternatively, if you can print out organs based on that patient’s own stem cells in a short amount of time, it will become a normal element of healthcare, and then there’s no reason to print organs in a criminal way.
Nanobots as lethal devices?
In the far future, robots on the nanoscale could live in our bloodstream or on our eyeballs and prevent any diseases by alerting the patient when a condition is about to develop. They could interact with our organs, measure every health parameter and intervene if necessary.
Nanobots are so tiny that it is almost impossible to discover when someone for example puts one into your glass and you swallow it. Some people are afraid that by using such tiny devices, total surveillance would become feasible – since nothing can remain hidden when there is a robot swimming through your bodily fluids. There also might be the possibility there to utilize these nanobots to deliver toxic or even lethal drugs to the organs.
Too smart homes?
The era of smart homes as the embodiment of the Internet of Things is upon us. All imaginable devices grow smarter and become more interconnected in our homes, our most private part of our lives. Sensors communicate with each other – often without the interference of humans – and send immeasurable amounts of data to clouds.
You wake up in your bedroom, and your smart sleep monitors tell you the quality of your sleep. Afterwards, you go into the kitchen to have breakfast and your morning coffee. There could be smart forks and spoons that teach you how to eat slowly. Scanners could measure the ingredients, allergens and toxins in your food and let smartphone applications help control your diet. But also, imagine toilets with microchips similar to the MC10 biostamps, sensors logging movement patterns, bathroom sensors following patterns of water usage, digital mirrors measuring basic vital signs. The notion that “Dr. Big Brother” is supervising every aspect of life might be terrifying, annoying and dangerous at the same time. If people find a way to look into the data obtained by our home sensors, they actually peek into our most private life.
Might robots do harm?
With the rapid development of the industry, robots gradually emerge from the sci-fi movies and enter the world of healthcare. Surgical robots constitute one of the most important strain of medical robots. For example, the da Vinci Surgical System enables the surgeon to operate with enhanced vision, precision and control. Thus it contributes greatly to a successful procedure. However, these types of robots have certain security and privacy indications which are not explored in details yet. But there are already signs that they should be. Last year MIT reported that researchers at the University of Washington successfully demonstrated that a cyberattack can be carried out against medical telerobots. Imagine what might happen if a hacker disrupts an operation by disturbing the communication connection between the robot surgeon and the human giving commands to the robotic scalpel.
DIY labs and 3D printing drugs as the citadels of drug lords?
Community labs such as The Citizen Science Lab in Pittsburgh are getting more and more popular. The aim of these laboratories is to spark more interest in life sciences in citizens from small children to pensioners. In these labs people can create whatever they want from producing a drug to using genome editing. However, such DIY biotech projects raise a lot of safety concerns. As the price of lab equipment goes down, the elements of scientific experiments become affordable to anyone. Some say that they carry the risk that criminals or terrorists might use such labs to create materials or use the scientific methods for their own, ill-minded purposes. There are people who think that scientists have been given the right and the responsibility to use such methods and materials – and it is not incidental. It might be dangerous when anyone can make use of these.
The rise of citizen scientists not only results in a new generation of amazing researchers, but also a new platform for criminals to create dangerous substances, drugs and biotech weapons.
The potential in artificial intelligence is unimaginable at the moment. No one knows how the capabilities for AI will look like in the next 20, 30 or 50 years. The biggest fear is that AI will become so sophisticated that it will work better than the human brain and after a while it will aim to take control over our lives. Stephen Hawking even said that the development of full artificial intelligence could spell the end of the human race. Elon Musk agreed.
By far the scariest scenario involves hacking AI systems which we will have in place to defend us, create a comfortable life and do things we do not like to do from organizing traffic jams and the stock market to making difficult medical decisions. If criminals find a way to hack into it, we are literally doomed.
The other side of the coin does also not sound as a rosy walk in a park on a Sunday afternoon. Imagine what if AI would have the capability to hack into systems such as humans do. At the moment human hackers have clear advantages vis-á-vis AI systems, however, we do not know what tomorrow will bring. And in July, 2016 DARPA announced a competition to design AI systems to find and fix security bugs.
What can we do?
- Set up clear guidelines about how to develop technologies and how to supervise the process. Open AI is a good example.
- Appoint knowledgeable decision makers who know more about technological trends and their cultural impact than anyone else. See examples from outside healthcare.
- Educate the public about the potential dangers and also the amazing advantages caused by disruptive technologies. See the Future of Life Institute.
- Push companies working out the innovations towards quality and safety. This is how it could be done with wearable sensors.
- Prepare for worst case scenarios by developing the antidotes and antiserums for biological hazards.
- Work on responses for bioterrorist attacks in connection with technology and inter-connectedness.
Although the path seems to be long and rough, if we can make the right precautions, disruptive technologies will help us create a world where bioterrorism has no place or it is extremely hard to go against human values.