In 2020, Cyberthreats Get Physical and the Internet of Things Opens Gaping Security Holes

In the year 2020, Europol predicts that the world will face an almost dystopic array of hyper-connected threats
In the year 2020, Europol predicts that the world will face an almost dystopic array of hyper-connected threats

In fact, in the year 2020, it predicts that the world will face an almost dystopic array of hyper-connected threats against critical infrastructure, wearable technology and medical implants – and everything else we use in our daily lives.

It may seem like the stuff of Philip K. Dick (remember Bladerunner?), but ICSPA’s Project 2020, which brings together Europol’s European Cybercrime Centre (EC3) and the International Cyber Security Protection Alliance (ICSPA) with partners from business, government, law enforcement and academia, has outlined in a range of threat scenarios for the year 2020, in a world where “society and second-generation digital natives depend on the secure running of deeply embedded technologies.”

Attacks on augmented and virtual reality technologies, meanwhile, could result in serious psychological harm to individuals, for instance. “The future of technology, its uses and abuses will affect every one of us,” said Rik Ferguson, the global vice president of security research at Trend Micro, in a statement. The firm plans to launch a series of instructional web videos about emerging threats from the paper and how to prepare for them.

Trend Micro and the whitepaper outline three scenarios: first up is the story of Kinuko, a second-generation digital native whose experience of the world is filtered through the virtual content beamed onto her contact lenses, and who has so many online identities she has outsourced management of them to a third party.

Project 2020 also describes a scenario of the future, robot manufacturer Xinesys, which has to deal with increasingly sophisticated ‘anti-sec’ activists trying to undermine its supply chain, and Lakoocha – a content service provider at increasing risk of critical infrastructure attacks.

Finally, it describes the government of ‘South Sylvania’, an emerging nation that uses advanced behavioral profiling to help intelligence agents identify individuals at risk of engaging in criminal or terrorist activity.

“We all face challenges coming from the rapid development of the internet,” said Troels Oerting, head of the European Cybercrime Centre. “More than 24 billion devices will soon be connected 24/7 to the Internet and, with the innovation of sensors and the ability to connect ‘things’ (cars, fridges, boats, medical tools, homes), considerable amounts of data will be generated about our behavior, locations, health, web searches and so on. The Internet and its huge potential will revolutionize our lives and developments in society, however in the process lots of potentially personal information will be accumulated. The report and movie highlight the pros and cons and will hopefully also trigger a discussion on privacy, how much information we should share, and how to secure our data.”

The study warns that it is not only personal and corporate reputations that are under threat, but that emerging technologies will increasingly blur the distinction between cyber and physical assaults.

“We don’t just have to ask ourselves how can we fight these threats, but also who will fight them,” said John Lyons, the chief executive of ICSPA. “To meet the challenges of cybercrime, we need to become more creative and flexible. We must make sure law enforcement, criminal justice, governments and business pull in the same direction, but they have to do so without trampling on their citizen’s expectations of privacy and anonymity.”

Some of this is unfortunately not science fiction: it's already been demonstrated that a hacker can cause a heart attack by remotely compromising a pacemaker, or can shut down an insulin pump on a diabetic. The US Food and Drug Administration (FDA) irecently issued a 24-page set of recommendations for regulating medical devices with wireless connectivity.

But overall, the white paper is meant to be a cautionary tale that takes a technology-ridden world’s security problems to their logical conclusion.

“The internet delivers tremendous societal and economic advantages to nations that have learned how to harness the significant benefits that derive from ubiquitous online computing and communications systems. With Project 2020 we don’t predict the future, but we ask the questions that need to be answered to keep us all safe,” Lyons added.

What’s hot on Infosecurity Magazine?