Cybersecurity professionals are no longer just securing computers, “we’re securing society,” said Mikko Hyppönen, chief research officer for WithSecure, speaking during IRISSCON 2022 about the risks from technological advances.
He observed that the nature of cyber threats has changed enormously throughout his career, shifting from teenage boys in basements to organized crime gangs and nation-state actors. This has been facilitated by “the biggest technological revolution in the history of mankind” that has occurred in the last 30 years.
Hyppönen noted that computers are now everyday products that don’t look like computers; for example, “cars have become data centers on four wheels.”
While this growing reliance on the internet and connectivity has huge benefits, it has changed the nature of crime forever. In essence, crime has shifted from local to global, with the internet “deleting geography.” For example, bank robbers have essentially digitized their work, using tactics like banking Trojans, business email compromise (BEC) scams and breaking into crypto exchanges to steal money.
As reliance on connectivity continues to grow, the threats to society from hackers will also expand substantially. Currently, essential functions like food production can continue if the internet drops out. However, when connectivity becomes “mandatory” in the next 20-30 years, an internet outage “will be just as drastic as a cut in electricity.”
Therefore, “we must understand the responsibility we have when making connectivity mandatory.”
Another major concern is the growing financial gains for the biggest cybercrime gangs, which Hyppönen said have almost doubled in the last five years. This is enabling these groups to become professionalized, allowing them to operate as businesses. This includes hiring staff, creating data centers and offices, and even using business analysts to help them negotiate ransomware extortion payments.
The growing financial power of cyber-criminals means they are increasingly likely to recruit the expertise and tools to use automation and machine learning. At the moment, the defenders “work at machine speed, attackers work at human speed” regarding malware and ransomware campaigns, but these barriers are reducing. Hyppönen noted: “It’s going to get worse because what we haven’t seen yet is automation on the side of the attackers.”
When this situation occurs, “we will see that the only thing that can stop bad AI will be good AI.”
Despite these worrying trends, Hyppönen argued we are in the “golden age” of cybersecurity, with “technical security better than we’ve ever had.”
He also highlighted the successes of Xbox and Apple devices in preventing hacks. This is because they are closed environments, preventing code being written and run on them. “It is a computer you own but which you do not have the right to program,” explained Hyppönen.
The high cost of hacking these devices, estimated to be €100,000 for IPhones, means most people will never be targeted. This explains why the Pegasus spyware cases are generally only affecting high-profile businessmen or politicians.
“This is a success story,” said Hyppönen, adding that most people “are not worth it” for threat actors. As a result, governments are the only entities who have the finances to hack closed systems.