The scary future of the Internet: how tomorrow’s technology will pose even greater cybersecurity threats
Although the Internet has undoubtedly brought new benefits
it has also brought new problems, as cybercriminals seek to exploit our seemingly growing dependence on connectivity.
Phishing emails, malware and ransomware attacks, or theft of your bank details, passwords and other personal information – the Internet has provided malicious hackers with a variety of new ways to make money and cause disruption. Just look, for example, at how critical infrastructure, schools and hospitals have been affected by cyberattacks.
We have not yet fully secured networks against today’s Internet threats, but technology is already evolving, bringing new threats that we must prepare for in one way or another.
Quantum: cracking and mining of cryptocurrencies
One of the most important technological breakthroughs to come is quantum computing, which promises to be able to quickly solve complex problems that have defeated classical computers.
While this advance will bring benefits to scientific research and society, it will also create new challenges. In particular, the power of quantum computing could make it possible to quickly decipher the encryption algorithms that we have been using for decades to secure various fields, including online banking, secure communications and digital signatures.
But like any innovative technology, it will eventually become more commercially available and easier to access – and cybercriminals will seek to take advantage of the quantum.
“There are things on the horizon that you can see coming; in particular quantum computing capable of deciphering current encryption algorithms,” says Martin Lee, technical head of security research at Cisco Talos.
“What was a completely appropriate encryption key length 20 years ago is no longer appropriate”.
The US Cybersecurity and Infrastructure Security Agency (CISA) has already warned that measures must be taken now to help protect networks from cyberattacks powered by quantum computing, especially those that support critical national infrastructures.
But while disruptive cyberattacks fueled by quantum computing pose a key threat to the cybersecurity of the future, quantum computers could themselves be a lucrative target for hackers.
Cryptocurrencies, such as Bitcoin, are generated by computers by solving complex mathematical problems – the kind of mathematical problems that might be relatively trivial for a network of quantum computers to solve. This means that if cybercriminals were able to implant crypto-mining malware on quantum computers, they could become very rich very quickly – almost at no cost to themselves.
“Infecting one of them would allow someone to start calculating very complex algorithms,” says David Sancho, senior antivirus researcher at Trend Micro.
“If you have a crypto-miner on a quantum computer, it will significantly speed up your mining capabilities – these things becoming the target of trivial cyberattacks, this is a very easy prediction to make.”
Harnessing AI and ML
But quantum computing is not the only emerging technology that cybercriminals will seek to take advantage of: we can expect that they will also exploit developments in artificial intelligence (AI) and machine learning (ML).
Like quantum computing, AI and machine learning are expected to fuel innovations in various fields, including robotics and driverless cars, speech and language recognition, healthcare, etc.
An AI that can adapt and learn can be used for good, but ultimately, once it is more widely available, it is only a matter of time before cybercriminals use it to make cyber attacks more effective.
“We are going to start seeing malware campaigns, ransomware operations and phishing campaigns being executed in a completely automated way by machine learning frameworks.
This has not been done yet, but it would not be very difficult to do,” says Mikko Hyppönen, director of research at WithSecure.
One of the ways to exploit this technology would be to program a text-based generation algorithm to send and respond to common spam or professional email compromise campaigns (BEC).