2014 Will Not Be the Year of the First 'Online Murder'
If you believe EUROPOL, the European Union's transnational law enforcement agency, murder by hacking is a brand new possibility for criminals. That
is, some sordid hacker in the employ of organized crime
syndicates could access a device in the cyber world, only to control it
in the physical realm—then murder a target with said device.
According to a EUROPOL report, as the Internet of Things evolves into the grander Internet of Everything, WiFi-enabled devices will increasingly be used as weapons.
"With more objects being connected to the Internet and the creation of new types of critical infrastructure, we can expect to see (more) targeted attacks on existing and emerging infrastructures," said the report, released last week. "Including new forms of blackmailing and extortion schemes (e.g. ransomware for smart cars or smart homes), data theft, physical injury and possible death, and new types of botnets."
As The Stack reports, the EUROPOL study cites a report by American security firm IID, predicting that the world's first 'online murder' will occur by the end of this year.
While stuff like extortion schemes and data theft is already a well known practise for online criminals, the emergence of "possible death" by Internet is a fairly new revelation—especially coming from a major policing entity.
It's a fear the intelligence community already shares. But as Motherboard has reported, the threat is likely overstated. Though hackers with ubiquitous control over everyday products is a scary possibility, according to one cybersecurity expert, it's still the stuff of Hollywood.
"That's what we call a 'movie plot threat,'" said Robert Masse, the Canadian director for cybersecurity firm Mandiant, when I asked him about "online murder." (Masse was also an infamous teenage hacker who accessed Soviet research computers and was caught at the age of 15 by the Royal Canadian Mounted Police.)
"If you think of risk and threat percentages," said Masse, "the probability is so low, you probably have a better chance of being struck by lightning."
Hacker related crime is no new development to law enforcement agencies, but hacking still has limitations for a traditional crime operation. Especially when classically criminal tactics are way cheaper.
"It's easier just to get a guy who gets paid $20,000 a year in cash to beat you up with a baseball bat. Criminals, like anything, will take the path of least resistance. They're not going to turn to these insane types of attacks," Masse said.
Maybe "if you're the head of the CIA," said Masse, you have something to worry about. For the average person, or criminal, it's just not feasible to launch an entire cyber assassination operation, when guns and blunt force trauma already works just fine.
"Honestly, if you can get close enough to (a target) to affect them wirelessly, you can just shoot them, it'd be easier," said Masse.
Dick Cheney might disagree with Masse, after he feared being the potential target of a murderer-hacker. The former Vice President had the wifi capability of his pacemaker disabled because of the potential threat of his heart being hacked.
If some enterprising cyber assassins are really looking to kill through the Internet, the targets for any of these types of outlandish attacks will most likely be medical devices: pacemakers, drug dispensing machines, or insulin pumps. Think speeding up someone's heart, or overdosing them on morphine during a hospital stay.
There's no denying the possibility of being within proximity of a wifi-enabled device allows for hacking, but the likelihood of such an attack is still negligible. At the end of the day—as every Godfather movie or Sopranos episode can attest—the classic gun still does most of the killing in the crime world. Hackers need not apply.
According to a EUROPOL report, as the Internet of Things evolves into the grander Internet of Everything, WiFi-enabled devices will increasingly be used as weapons.
"With more objects being connected to the Internet and the creation of new types of critical infrastructure, we can expect to see (more) targeted attacks on existing and emerging infrastructures," said the report, released last week. "Including new forms of blackmailing and extortion schemes (e.g. ransomware for smart cars or smart homes), data theft, physical injury and possible death, and new types of botnets."
As The Stack reports, the EUROPOL study cites a report by American security firm IID, predicting that the world's first 'online murder' will occur by the end of this year.
While stuff like extortion schemes and data theft is already a well known practise for online criminals, the emergence of "possible death" by Internet is a fairly new revelation—especially coming from a major policing entity.
The European cops said the Internet of Everything offers up a brand new "attack vector" for organized crime to exploit, amounting to "increased attack surface." That means, instead of just laptops and routers, hackers can gain network access through a potentially cyber-capable toaster, to steal information or control objects.It's easier just to get a guy who gets paid $20,000 a year in cash to beat you up with a baseball bat.
It's a fear the intelligence community already shares. But as Motherboard has reported, the threat is likely overstated. Though hackers with ubiquitous control over everyday products is a scary possibility, according to one cybersecurity expert, it's still the stuff of Hollywood.
"That's what we call a 'movie plot threat,'" said Robert Masse, the Canadian director for cybersecurity firm Mandiant, when I asked him about "online murder." (Masse was also an infamous teenage hacker who accessed Soviet research computers and was caught at the age of 15 by the Royal Canadian Mounted Police.)
"If you think of risk and threat percentages," said Masse, "the probability is so low, you probably have a better chance of being struck by lightning."
Hacker related crime is no new development to law enforcement agencies, but hacking still has limitations for a traditional crime operation. Especially when classically criminal tactics are way cheaper.
"It's easier just to get a guy who gets paid $20,000 a year in cash to beat you up with a baseball bat. Criminals, like anything, will take the path of least resistance. They're not going to turn to these insane types of attacks," Masse said.
Maybe "if you're the head of the CIA," said Masse, you have something to worry about. For the average person, or criminal, it's just not feasible to launch an entire cyber assassination operation, when guns and blunt force trauma already works just fine.
"Honestly, if you can get close enough to (a target) to affect them wirelessly, you can just shoot them, it'd be easier," said Masse.
Dick Cheney might disagree with Masse, after he feared being the potential target of a murderer-hacker. The former Vice President had the wifi capability of his pacemaker disabled because of the potential threat of his heart being hacked.
If some enterprising cyber assassins are really looking to kill through the Internet, the targets for any of these types of outlandish attacks will most likely be medical devices: pacemakers, drug dispensing machines, or insulin pumps. Think speeding up someone's heart, or overdosing them on morphine during a hospital stay.
There's no denying the possibility of being within proximity of a wifi-enabled device allows for hacking, but the likelihood of such an attack is still negligible. At the end of the day—as every Godfather movie or Sopranos episode can attest—the classic gun still does most of the killing in the crime world. Hackers need not apply.
No comments:
Post a Comment