Security experts have foreseen the future of cybercrime, and it's exceedingly grim. A report out today from the web security firm IID (Internet Identity) predicts that within the next two years we'll see the first person murdered through a "smart" object, the downfall of both Bitcoin and Tor, and other equally bleak examples of the dark side of technology's future.
Of course, it always behooves a company selling threat protection to play up the size of the lurking dangers. But putting aside any fear-mongering motives for a minute, the report's prognosis isn't too far-fetched.
Take the idea of murder by internet, which IID actually first predicted last year. The claim is that as the Internet of Things expands, so does the risk of a criminal hacking into a wireless-enabled pacemaker or a home's remote-access security system with an aim to kill.
"With so many devices being Internet connected, it makes murdering people remotely relatively simple, at least from a technical perspective. That's horrifying," IID President Rod Rasmussen said in last year's report. "Killings can be carried out with a significantly lower chance of getting caught, much less convicted."
Thing is, these kinds of security breaches have been possible for a long time, and no one's used them to actually kill people yet. Is it only a matter of time? IID thinks so, and it's not the only place where speculation is swirling.
The FDA requested last year that the health care industry study vulnerabilities in pacemakers or insulin pumps, which could end someone's life if breached. Case in point: former Vice President Dick Cheney had surgery to turn off the wireless function on his pacemaker to thwart a potential a remote assassin (which incidentally was the exact plot line of a later episode of Homeland).
Life-supporting devices aren't the only potential IoT murder weapons: Remember this year's car hacking scare? A highly publicized report out of Def Con revealed that cars can be accessed and controlled remotely, one of the more terrifying scenarios in anyone's book. Now even the US government is getting nervous enough to move on the issue; a senator wrote an official request to automakers to come up with a plan to stop people from hacking into vehicles.
Meanwhile, invading people's private lives via smart devices is already commonplace. Motherboard explored the creepy world of Shodan, a search engine that crawls the internet for every connected device—things like baby monitors, smart locks, or cameras. According to IID, we should expect to see these breaches to be used for burglaries and burning down houses.
Again, just because these new avenues for high crime exist doesn't mean they'll be exploited. But then, this year saw the rise of crowdfunded, anonymous online assassination markets—so it's hardly outside the realm of possibility. As Rasmussen said, "If human history shows us anything, if you can find a new way to kill, it will eventually be used."
An equally bold prediction from the report is that two of today's internet darlings, Bitcoin and Tor, will completely implode by 2015. The company says the crypoanarchist havens will eventually be overrun by criminals, scaring off legitimate users.
It's true that the anonymous, untraceable nature of the virtual currency and encrypted web browser make them hotbeds for contraband activities. But that same feature makes them increasingly appealing in today's privacy-starved web culture, and both are becoming more popular, not less. Not to mention the Feds are cracking down on the deep web's criminal underground, raking in too high-profile busts this year: Silk Road and a giant internet child porn ring hiding behind Tor's hidden services.
Still, IID predicts a tipping point will come when the fraudsters enabled by anonymous networks hit an internet giant like Google or Amazon with an attack, which could cause billions of dollars of damage and a ripple effect throughout the internet.
Another change on the horizon that could open up a fresh target for hackers and fraudsters is the crop of new top-level domains being rolled out and snatched up by big web companies. The gTLD land-grab will effectively hit the reset button on a large swatch of a the internet. If brands don't take pains to set up security measures as they migrate over to new domains, the transition will leave them vulnerable to phishing schemes and domain-name hijacking, the report says.
The security firm will be watching out for this in the coming year, along with two other predictions it made last year that haven't yet come to pass but are familiar prophesies of our dystopian future. One is terrorists hacking into military drones, taking over control and reprogramming their target. The other is the long-expected but never-realized attack on our critical energy infrastructure, like the power grid.
Graciously, the company explained it'd rather be proven wrong than witness this kind of devastating cyberattack, Vice President Paul Ferguson said in today's announcement. "While IID doesn't normally like being wrong, we would be more than relieved if these potential catastrophes never came to fruition."