As the world becomes more integrated with computers in every product, it comes as no surprise that computer-related crime is also increasing. More people are becoming computer savvy and our computing power is continually increasing. But humans aren't the only ones we need to worry about anymore.
In a recent interview with Raconteur, cyber defense expert Cameron Brown stated that he believes computers and artificial intelligence may commit more computer crime than actual humans by 2040.
This is not the first time individuals have attempted to predict the future—remember how fusion power has been only 20 years away since 1960? But if there is any truth in this claim, what does this mean for computer security? How can we keep our systems safe? An intelligence that never sleeps, never eats, and is constantly crunching numbers with malicious intent is a frightening prospect.
Let's take a look at the current environment of cyber crime and how it might evolve over the coming years.
The Rise of Cyber Crime
Modern cyber crime can be aimed at individuals, governments, or oftentimes businesses. Attacks can be enacted by several different sources: individual hackers, organized crime groups, terrorists, and sometimes insiders in businesses.
Cyber crime can take the form of viruses and malware, SQL injection, phishing, social engineering, and more. The goal of these attacks is often to gain access to secure information, whether that may be personal financial records, behavioral data, or internal communications. And these attacks are occurring with startling regularity.
In 2014, CNNMoney reported that almost half of American adults had been hacked that year alone.
In 2015, cyber-crime was responsible for 53% of all crime in the UK (PDF).
Image courtesy of the National Crime Agency.
That may seem hard to believe but figures show that 556 million people are victims of cyber crime—on average that's 1.5 million victims per day.
It is believed cyber crime could end up costing billions of dollars of damage (PDF), which only stresses the need for stronger security systems and better computer education to those connected to the internet. It also stresses the need for consequences for hackers who create security breaches.
A recent example of a cyber attack and the following legal action is the case of Lauri Love. Love is a British cyber activist who's been accused of penetrating systems belonging to the FBI, the US Navy, and the Federal Bank.
Just days ago, a British judge ruled that Love can be extradited to the United States for trial.
Lauri Love is accused of hacking into US Military servers and the Federal Bank Reserve. Image courtesy of Free Lauri.
Love is accused of multiple counts of "computer misuse" under British law. If successfully extradited to the United States, he will go to trial for crimes that could sentence him to up to 99 years in prison. Love's case demonstrates the extent of response that governments are beginning to take when they believe their systems have been compromised.
Most times, such crime is committed with the unknowing help of the victims. For example, commonly used passwords (love, secret, god, etc.!) are easy for a brute force attack which involves the attacker trying many different password combinations they can think of. Victims help attackers by using out-of-date software which hosts serious security flaws (a reason to upgrade from Windows XP) that can be exploited and easily hacked. Of course, there are even worse ways which people fall for attacks such as click bait ("You're our 1,000,000th visitor! Click to claim your prize!").
Most cyber-attacks are easily avoided for individuals by taking preventative measures. In most cases (but not all), you can avoid attacks by:
- Not clicking on unknown links
- Not clicking pop-up ads and filling in personal information
- Never giving away crucial bank details such as pin numbers
- Always using anti-virus
- Keeping software up to date
- Not visiting suspicious websites or illegal websites (torrent sites, for example)
Unlike home computers, systems such as servers often use encryption based on prime numbers. This makes it very difficult to brute force attack a server and decrypt sensitive information such as passwords and debit/credit card numbers. For those who are unaware, prime numbers are nearly impossible to generate out of thin air which is why they are favoured as a security key.
Due to this level difficulty, it is unlikely that a computer could ever crack a 256-bit prime number-encrypted message by using brute force. It would theoretically take more time for a computer to accomplish this task than the amount of time the universe has existed.
But this may not be the case anymore…
The Rise Of Quantum Computers & AI
Quantum computers have been appearing in the news lately but many people do not fully understand what they do and how they can be used. Quantum computers are incredibly complex but what is important is that they can perform brute force calculations much faster than modern computers. This implies that quantum computers have the ability to break into modern security systems and thus threaten the entire cyber world.
D-Wave Systems Inc. has developed a simple quantum chip. Image courtesy of D-Wave Systems, Inc. [CC BY 3.0]
Even with quantum computers, human operators are still needed to code and direct such attacks. This gives law enforcement a chance at both preventing and deterring such crime. But imagine a system that did not have a physical form and could hack systems at inhuman speeds. Artificial intelligence is a real possibility with milestones being set by many (IBM’s Watson machine for example).
These systems could pose a threat to global security if they were to develop the ability to learn and create their own directives. Unsuccessful attacks would only increase such an AI's abilities as it would learn from its mistakes. Future AIs may not be dependent on any machine and if one such system was powerful enough it may use hundreds of machines to act as redundant systems so that shutting down one machine does not stop the AI from working and making the AI harder to track. In theory, an attack by one AI system may appear to come from different places around the world at the same time.
Robotics & AI
So far we've been discussing cyber-crime involving AI systems and quantum computers, but there is one area that may be an even greater danger—the IoT (internet of things). Drones and robotic vehicles are becoming increasingly common with such devices being accessible through the internet.
If a device can be connected to the internet, then it is safe to say that the communication is two-way and data can be sent and received. This is already an issue because hackers have proven they're able to activate webcams and practice surveillance on unsuspecting people.
If a hacker can hack a webcam, then with the right commands they could also hack a drone or robot to do their bidding. Recently, the police in Dallas used a drone filled with explosives to eliminate a sniper targeting police, but this may be a dangerous practice.
We're fast approaching a world where remotely-controlled drones could regularly be used as explosive delivery systems on American soil and abroad. The chances are there will be ways for a hacker to gain control of such a device and they could decide to turn the robot around and drive it back into the police or into a busy crowd and do real damage.
This robot is similar to the one used by the Dallas police officers. Image courtesy of the United States Department of Labor.
If you take the malicious nature of a hacking AI and mix that with robotic explosives, the outcome is grim indeed.
- IoT Security: Risks and Realities
- The Evolution of Friendly Competition Between AI and Humans
- Is AI Better at Diagnosing Disease than a Doctor?
Preparing for the Future
Any system created to prevent hacking will be answered with methods to bypass the security. But the flip side is normally true, too: if a device can be made to hack systems more easily (e.g., quantum computers), then such systems can be used to create more effective security measures. We may find that once quantum computers become a consumer reality, most devices connected to the internet will need to contain a quantum security chip.
Legislation may also be put in place regarding the creation of learning AI systems and their uses. It is most likely that AI systems will rely on large computer systems and so the average home user may not have the means to develop such a system. It will likely come down to the ever-developing cyber security industry to help build safeguards for the everyday people whose lives are increasingly tied to the internet.
Whatever the future of cyber-crime is, it is important to educate ourselves on preventative measures and be able to recognise false links, emails, and files. If an email from a stranger claims to have a photo attached to their email and the file has .exe on the end, I can assure you it is not a photo.