Brain-Hack: Remotely Injecting False Brain-Waves with RF to Take Control of a Brain-Computer Interface

The promise of Brain-Computer Interfaces (BCIs) is counterbalanced by concerns about vulnerabilities. Recent studies have revealed that EEG-based BCIs are susceptible to security breaches. However, current attack approaches are challenging to execute in real-world settings because they need access to, at a minimum, the EEG data stream. In this work, we introduce an unexplored vulnerability of current EEG-based BCIs that consists of remotely injecting false brain-waves into the recording device. We do this by transmitting amplitude-modulated radio-frequency (RF) signals that are received by the physical structure of the EEG equipment. We demonstrate the versatility of our system by successfully attacking three different categories of EEG devices: research-grade (Neuroelectrics), open-source (OpenBCI), and consumer-grade (Muse). We test our attack system by taking control of three different BCIs: a virtual keyboard speller, a drone-control interface, and a neuro-feedback meditation interface. Our system was successful in each case, forcing the input of any desired character with the virtual keyboard, crashing the drone, and reporting false meditative states, respectively. To the best of our knowledge, this is the first time that an EEG device is remotely hacked at the physical layer. This work shows the risks that can arise from this type of attacks, which can not only be dangerous by seizing control of a BCI, but could also lead to severe misdiagnoses in clinical EEG tests.