The future of cybercrime
- Published: Monday, 09 January 2017 09:13
Even more serious than the ever increasing financial and reputational risks affecting the corporate and commercial sectors are the very real possibilities of cybercrime being used to execute large scale terrorist attacks, assassinations and even murders. As programmes like ‘Humans’ and ‘West World’ play out a fictional world of cyborgs turning on mankind, we take a look at the growing number of cyber threats, both to businesses and individuals, and how fiction is quickly becoming fact. The Internet of Things and advances in artificial intellingence have created a swathe of new opportunities for criminals and state actors:
Ransomware – a program used by fraudsters to infiltrate hardware and hold a computer and its associated data hostage until the victim pays a hefty sum for its release - has been causing huge problems for businesses across the globe and is a trend that is set to continue in 2017.
Jason Fry is a cybersecurity specialist at PAV i.t. services. He has worked with numerous corporate and independent businesses across the UK helping them to review and update their cybersecurity policies, procedures and solutions. He says: “There seems to be no sign of this trend diminishing in the near future and certainly where ransomware is concerned the fraudsters are consistently refining and updating its capabilities resulting in versions that are even self-propagating. Information can now be encrypted much quicker, which can also play into the hands of the hackers. Criminals using ransomware can swiftly encrypt large amounts of data, often before a company even realises it's under attack.”
Gaining control of an employee’s network by stealing their username and password is nothing new, but cybercriminals are no longer relying on malicious malware to gain access to a victim’s machine. Instead they get hold of sensitive information by using tactics such as phishing emails.
Robert Schifreen is a former UK-based computer hacker who was arrested in 1985 for breaching computers at British Telecom. He now runs a security awareness training programme called SecuritySmart.co.uk. He says: "Many of today's hackers are highly sophisticated and skilled. A criminal group may spend many months hacking millions of devices and computers across the world, ready to form them into a botnet on command, in return for a fee from a third party, to attack a chosen victim. Some of the most innovative companies are helping to thwart such attacks by offering so-called bug bounties, through which hackers and researchers can earn money by uncovering security weaknesses and responsibly disclosing them to the vendor concerned."
Artificial Intelligence (AI)
The emerging market of driverless cars, which are also able to park themselves and be controlled remotely, along with medicines that can be self-administered by personal devices and the popularity of drones gives us an indication of the automation we can expect in our day to day lives in the future. As the market grows for such technology the possibilities for cyber criminals start to become endless.
Jason Fry says: “Cybercriminals with a more sinister agenda than breaching data in return for financial reward will be able to take advantage of technology in order to execute terrorist acts or murders. For example, by hacking medical devices to administer lethal dosages to victims.”
But human cybercriminals aren’t the only thing we should be worried about. Jason continues: “Software that is capable of learning and not making the wrong decision more than once already exists and it will not be too long before systems can make judgements, assessments, and predictions at a much faster pace. Once machines can think for themselves the possible threats to individuals, businesses, and even countries, becomes a real and greater concern.”So, what do we do in the meantime? Jason believes the answer comes from ensuring we have sufficient knowledge to prevent such attacks in the first place: “People are the key to preventing attacks - knowledge is everything in the current climate. Training staff and greater staff awareness are absolutely essential. One of the major issues currently facing businesses, especially those with numerous employees, is the lack of knowledge amongst staff and the ways in which cybercriminals may infiltrate their systems essentially leaving them at greater risk of falling victim to things like phishing and social engineering scams.”