Brainjacking is the unauthorized access of neural implants by a criminal or government agency. It involves hacking surgically implanted devices that connect a human brain with a computer processor to create a brain-computer interface (BCI). If a neural implant in the brain is hijacked, an attacker could conceivably affect the patient's cognition, emotions and motor functions.
Today, neural implants are used in health IT to aid in the relief of chronic pain and symptoms of neuro-degenerative diseases such as Parkinson’s disease. The embedded implants are essentially IoT network nodes that expose the brain's owner to the same security vulnerabilities and attack vectors as other networked endpoints. Experts predict that the market for neural implants will exceed $50 billion in the next ten years.
The concept of brainjacking has been written about in science fiction for years -- but realistically, neural implants did not seem to pose much risk as an attack vector. This line of thought is changing, however, with the emergence of ransomware. Instead of targeting individuals, it is more likely that an attacker will attack the vendor who manufactures a particular implant and encrypt all patient data until the vendor pays the hacker to release the decryption key.