5 ways hacking will evolve in the future


Criminals are more likely than ever to get access to your online banking accounts and sensitive personal data, like health records.

Increasingly well-funded and complex hacks are predicted to cost $6 trillion a year by 2021, according to data from Cybersecurity Ventures.

Experts agree that the situation will worsen. Here’s why: these are 5 ways hacking will evolve in the future.

1. You’ll be hacked by AI

Def Con 2016, one of the world’s largest hacking conventions, saw Darpa run a competition that pitted seven AI computer programs against one another.

Each of the AI ‘bots’ was tasked with finding and fixing software flaws whilst launching cyber attacks against competitors. The winning software, dubbed “Mayhem”, won $2 million for its team of security professionals.

The aim of this competition was one of research, but it shows how close we are to creating artificially intelligent cyber security systems. And what happens when this technology falls into the hands of cyber criminals?

AI systems like this could eventually perform the work of 100s of hackers, continuously scanning networks for vulnerabilities. This could mean disaster for businesses and consumers; AI hackers will operate non-stop, sifting through data immeasurably faster than humans.

And that’s without the potential doomsday Skynet scenarios cautioned by Stephen Hawking. Already Google’s DeepMind experiments have revealed a worryingly human inclination to aggression in AI systems.

Either way, society must prepare for the arrival of AI hacking. Fully intelligent hacking systems are now only a decade away, says Darpa Director Arati Prabhakar.

2. You’ll be hacked by your heating

The unstoppable surge in internet-connected devices, from self-driving cars to smart-heating, promises to improve the lives of millions across the globe and revolutionise industry.

But the Internet of Things (IoT) is also creating millions of opportunities for cyber criminals. The number of IoT devices has already hit 15 billion and millions of these devices are potential targets for hackers.

Right now, there is little awareness of IoT security. For example, few bother to change default factory passwords for these inconspicuous devices, leaving them vulnerable to brute-force password guessing hacks.

If your IoT devices lack security, either as a fault of your own or the manufacturers, your personal data could be stolen. Using information from your smart-heating, hackers could work out when you’re out of the house and sell this information to criminals on the darkweb.

This carefree approach to security has already resulted in the largest DDoS attack ever. The attack saw a massive connected web of infected IoT devices launch overwhelming amounts of traffic against Dyn. The result knocked Netflix, Reddit, Twitter and more offline.

The Mirai botnet was responsible for this attack and the source code is now public. Because of this, the Mirai botnet continues to mutate and threaten vulnerable IoT devices.

3. The rise of ransomware

Ransomware is the new hostage crisis and incidences of this malware are rising fast. 86% of SMEs were targeted by this type of malware in 2016, according to a recent study from Datto, a network continuity company.

Once systems are infected, typically by tricking people into running malicious code on their computers, ransomware holds your files hostage. Cyrptolocker, one virulent ransomware developed to target consumers locks down critical files on your computer, like your precious Excel spreadsheets.

Ransomware is devastating to businesses as it spreads across company networks encrypting files and data. What’s more, as most manufacturers now use internet-connected machinery, these will also be rendered useless.

Encrypted files are locked until a cryptographic key can be sourced – and guess who’s willing to sell it to you. For individuals this can be as much as $400 or $millions worth of untraceable cryptocurrency (like bitcoins) for SMEs.

Without the key it’s unlikely you’re going to crack the encryption. An average computer would take 6.4 quadrillion years to crack the RSA 2048 encryption that’s typically used by ransomware.

4. Hospital hacks

The rise of ransomware and the prevalence of Internet of Things devices intersects in a deadly way. As IoT technology expands into sectors like healthcare, the risk of security breaches on these devices increases massively.

Hospitals provide the perfect targets for ransomware that infects internet-connected medical devices. High-stakes cases of hospital ransomware attacks have seen hackers hold patient data hostage, endangering the lives of patients. But with the rise of IoT devices in healthcare, the situation could get deadly.

What happens when hackers can gain access to life-sustaining medical equipment and hold patients’ lives to ransom? The outlook doesn’t look great and researchers have already identified security flaws in cardiac defibrillators.

5. Nation state hacking attacks

‘Nation state hacking’ became a buzzword in 2016 with the high-profile attack against the Democratic National Committee (DNC).

“Cyber espionage has been an important tool for hackers and intelligence agencies since at least 2004…But releasing the emails from the Democratic National Committee and John Podesta was new and scary,” writes cyber security author Richard Stiennon.

Experts are worried and the general consensus amongst cyber security firms is that the attacks are set to continue in 2017. The threat from Russia remains, and we can expect to see an increase in aggression in 2017, states cyber security firm, FireEye, in their prediction report.

Worryingly, these hacks may already be taking place inside organisations across the world – prime targets outside the US include Japan, Australia and South Korea. Most cyber criminals act within environments for many months before they’re discovered, and by then it can be too late.

The good news

But there is some good news. Take AI hacking systems: professionals have already come a long way in building systems that could be used to protect us.

MIT is teaching their AI2 system how to stop cyber attacks. Developed to review data from millions of lines of code each day, the AI uses machine learning to identify potential threats.

AI2 still relies on human input to respond to these threats, so it cannot yet completely replace humans. Incredibly, it already correctly identifies 86% of attacks.

Plus, as cyber security advances, specialised roles are starting to gain in popularity and become increasingly required by organisations. Ethical hackers, professionals that hack organisations to find vulnerabilities, are in-demand and salaries are rising.

As evidence of the legitimacy of this new field, there are even certified ethical hacker qualifications available for professionals to prove their skills to potential clients.

This post is part of our contributor series. It is written and published independently of TNW.

Read next: Why Sweden Dominates Fintech