Cookies on this website
We use cookies to ensure that we give you the best experience on our website. If you click 'Continue' we will assume that you are happy to receive all cookies and you will not see this message again. Click 'Find out more' for information on how to change your cookie settings.

The security of medical devices is critical to good patient care, especially when the devices are implanted. In light of recent developments in information security, there is reason to be concerned that medical implants are vulnerable to attack. The ability of attackers to exert malicious control over brain implants ("brainjacking") has unique challenges that we address in this review, with particular focus on deep brain stimulation implants. To illustrate the potential severity of this risk, we identify several mechanisms through which attackers could manipulate patients if unauthorized access to an implant can be achieved. These include blind attacks in which the attacker requires no patient-specific knowledge and targeted attacks that require patient-specific information. Blind attacks include cessation of stimulation, draining implant batteries, inducing tissue damage, and information theft. Targeted attacks include impairment of motor function, alteration of impulse control, modification of emotions or affect, induction of pain, and modulation of the reward system. We also discuss the limitations inherent in designing implants and the trade-offs that must be made to balance device security with battery life and practicality. We conclude that researchers, clinicians, manufacturers, and regulatory bodies should cooperate to minimize the risk posed by brainjacking.

Original publication




Journal article


World Neurosurg

Publication Date





454 - 462


Brainjacking, Cybersecurity, Deep brain stimulation, Hacking, Implantable medical device, Implantable pulse generator, Medical device security, Neurosecurity, Neurosurgery