The Nightmare Future of Hacking
Virtual viruses, RAM scraping, DNA attacks, RFID ... it's a scary world out there if you're an IP address.
Is it the fault of security companies you ask? No, it isnt. They've locked all the doors and windows and posted guards in the yard 24/7. Its just that no one expected the bastards to tunnel in under the floor or to hack through your own DNA.
The future of hacking, like the future of technology, is always squirming and breeding and morphing just beyond the normal persons line of sight. Thus, we dont generally see a new threat rising until the fully-grown beast charges.
Take, for example, biohacking. Bill Gates recently told Wired magazine that if he were a teenager today, he would be hacking biology. Hacking the software of life (DNA) is a prime example of why hacking endures even while computer code has become mere childs play, he said. The challenge of hacking, controlling and ultimately mastering opportunities once thought beyond the purview of man will always lay beckoning.
Say bio ... what?
Biohacking. At the moment, it's mostly taking place in garages and at kitchen sinks. Although the Holy Grail is to create life (of the unnatural variety) from scratch, these synthetic biologists are really attempting to mimic DNA code in other types of engineering including mechanical, electrical, chemical and software.
Their goals range from enslaving micro-organisms to constructing genetic machines. No doubt some of this activity will be beneficial to mankind as it emerges much like the PC revolution arose from garages. But equally without doubt, much of the fruit of these labors will be the poison used to hack and attack corporations, governments and individuals. There will also be an increase in bioterrorism and genetic malware of both the physical and virtual varieties.
Newer biometric authentication systems will replace passwords, quite possibly with a mix of ocular and filial credentials, said Kurt Baumgartner, senior security researcher at Kaspersky Lab. Whatever the credential replacement is, we will see cyber criminals respond with devices that parallel ATM skimmers of today. Iris skimmers and spyware that steals identification information provided by [a person's] eyes will be implemented and distributed.
And here many of us were thinking that President Obamas call for increased innovation in America meant building a better iPad or finding yet another way to charge customers for self-service! No, those were the old ways of the old days in the land of innovation. What lies ahead is infinitely more challenging in terms of execution, security and governance.
In BIOPUNK: DIY Scientists Hack the Software of Life author Marcus Wohlsen chronicles the growing community of amateur scientists including:
* A duo that started a cancer drug company in their kitchen; * A team who built an open-source DNA copy machine; * A mother who developed a genetic test for a deadly disease that had stricken her family; and * A woman who uses spliced jellyfish genes to detect contaminated milk.
While news and books on this shadowy movement of home-scientists are just beginning to appear, the work itself has been underway for some time. For the vast majority of people it will feel like genetic miracles, machines and monsters appeared out of nowhere and the future hit us full in the face with absolutely no warning.
Is it any wonder then that our security measures will fall short?
The adoption cycle of new technology is staggering and the primary threat is not the evolution of the traditional threat, but new forms of abuse, said James Lyne, senior technologist at Sophos. The challenge is that weve seen a significant reduction in adoption times for new technologies and its become increasingly difficult to identify issues before they appear.
Back to the present
Beyond the benefits and scares we will soon receive from people in kitchens and garages that we dont even yet know exist, there are the less adventuresome, but equally troublesome and far more common, hackers to guard against.
Here is a partial list of the dangers they are cooking up:
Malware targeting virtual machines - Many breeds of malware today can detect if they are running within virtual machines and make adjustments or shut down altogether in order to evade detection, but only a few proof of concept viruses have actually attempted to break free into the host machine, explained Fred Touchette, senior security analyst at AppRiver. We expect to see more of these in the near future.
RFID bandits - Radio frequency identification (RFID) provides many opportunities for potential exploitation. Typically, these exploits will be aimed at the various uses of RFID in supply chain, retail transactions, counterfeiting/cloning, and the ability to defraud physical access such as public transportation.