The Future of Crime: Smartphone Tracking, Neurohacking, and AI Assisted Murder
The world Marc Goodman outlines in exhaustive detail in his forthcoming book, Future Crimes, is as real, gritty, and frightening as life outside the Matrix. Indeed, Goodman opens his book by quoting the classic sci-fi epic. Do you want the red pill or the blue pill? “Remember, all I’m offering is the truth.” He would know.
Goodman, who began his career as a beat cop at the Los Angeles Police Department, has worked with the FBI, US Secret Service, Interpol, and police in over 70 countries. He is an authority on today’s exponentially scaling cybercrime and a theorist of future crimes worthy of the best sci-fi but, in fact, lurking just around the corner.
You won’t remember every detail of the book—it’s packed to the gills with them—but you may walk away with a better understanding of the challenges facing those of us engaging in the “consensual hallucination” that is modern cyberspace. And that’s the point really.
The central problem Goodman outlines—that everything with a connection is hackable—isn’t insoluble. It’s just that we need to wake up and take action. That means demanding software companies make better, more bullet-proof software, securing our own accounts, and developing new technologies with security in mind.
Cofounder of Wired and author of What Technology Wants, Kevin Kelly, said of the book, “OMG, this is a wakeup call. The outlaws are running faster than the architects…I’m a technological optimist. Now, I’m an eyes-wide-open optimist.”
We had the privilege of chatting with Goodman recently. It was a wide-ranging, eye-opening conversation. Read on to learn about the Internet of Things to Be Hacked, narrow AI as an accomplice to murder, and how startups can tell what you’re watching on television merely by the electrical fluctuations on your smart meter.
As cyber-heists grow exponentially and tens of millions of credit cards are compromised, might a cryptocurrency, like Bitcoin, provide a better way of transacting online? Or is it, on net, no better than current methods?
Are cryptocurrencies better or worse than credit cards? Maybe, maybe not.
Currently, your credit card is protected under federal law, so, if you suffer a loss, you will not be held liable. The largest reported Bitcoin theft, to date, was an attack on the Mt Gox exchange in Tokyo where investors lost over $460 million—and that money may well never be recovered or paid back.
So, cryptocurrencies may be helpful from a privacy perspective, and theoretically, they might be better protected from a security perspective. But if poorly implemented, as we saw with Mt Gox, not only are they hackable, but there’s no regulation at this time to protect you such that you get your money back.
Hackable devices are poised to leap beyond PCs and into the real world with the Internet of Things, robots, drones, driverless cars. Give us a glimpse of tomorrow’s hyperconnected world gone wrong. What new dangers will arise?
If today’s internet is the size of a golf ball, tomorrow’s will be the size of the Sun. We don’t need that much more connectivity for just computers or smartphones. It’s for the billions of everyday devices coming online with the Internet of Things.
As our threat surface area (the number of devices around us) grows there will be more ways to reach out and touch us for good and for harm.
Twenty years ago nobody worried about their car being hacked. Today, a typical car uses over 250 microchips that can be hacked remotely. Somebody can remotely deploy your airbag or slam on the brakes as you’re going down the highway.
The Internet of Things will also include critical infrastructure—most notably the electrical grid and the smart home—and even medical devices. Without precautions, all these will be open to attack, perhaps with catastrophic consequences.
There will also be significant privacy implications. Today, your cellphone tracks you. It knows all the people you hang out with, and we can draw inferences on your connections and closeness to these people based solely on the phone’s geolocation. We’re going to see even more of that in the future.
Smart meters, for example, are now being installed around the world. Every single device you plug into an electric socket has its own signature. When you plug in your Samsung television or Hamilton blender, the outlet knows what is being plugged into it. And from that you can derive even further intelligence.
There are startups now that are looking at the fluctuations in energy usage to deduce what pixels are highlighted on your television, and by knowing what pixels are highlighted on the TV, they can reverse engineer, based upon the electricity that you use, what television programs you’re watching.
Elon Musk, Stephen Hawking, and Bill Gates have expressed concern about artificial general intelligence. It’s a hotly debated topic. Might AI be our “final invention?” It seems even narrow AI in the wrong hands might be problematic.
I would add Marc Goodman to that list. To be clear, I think AI, narrow AI, and the agents around us have tremendous opportunity to be incredibly useful. We’re using AI every day, whether it’s in our GPS devices, in our Netflix recommendations, what we see on our Facebook status updates and streams—all of that is controlled via AI.
With regard to AGI, however, I put myself firmly in the camp of concern.
Historically, whatever the tool has been, people have tried to use it for their own power. Of course, typically, that doesn’t mean that the tool itself is bad. Fire wasn’t bad. It could cook your meals and keep you warm at night. It comes down to how we use it. But AGI is different. The challenge with AGI is that once we create it, it may be out of our hands entirely, and that could certainly make it our “final invention.”
I’ll also point out that there are concerns about narrow AI too.
We’ve seen examples of criminals using narrow AI in some fascinating ways. In one case, a University of Florida student was accused of killing his college roommate for dating his girlfriend. Now, this 18-year-old freshman had a conundrum. What does he do with the dead body before him? Well, he had never murdered anybody before, and he had no idea how to dispose of the body. So, he asked Siri. The answers Siri returned? Mine, swamp, and open field, among others.
So, Siri answered his question. This 18-year-old kid unknowingly used narrow AI as an accomplice after the fact in his homicide. We’ll see many more examples of this moving forward. In the book, I say we’re leaving the world of Bonnie and Clyde and joining the world of Siri and Clyde.
Building on today’s budding fMRI brain scans, you talk about mind reading and neurohacking. What is the weirdest future criminal or crime you can imagine? What about the most frightening?
I think holding people’s memories hostage in demand of an extortion payment would be a fairly horrific crime. Of course, this is all theoretical now. We do not have the capacity to do this. But I thoroughly believe it will be forthcoming.
One study, for example, hooked up an EEG to a person’s head, showed them a pin pad of an ATM, and asked the following question: “What is your pin number?” With a 30% degree of accuracy, without the person saying a word, these researchers were able to identify a person’s pin number. Just by reading their brain waves.
I think we’ll see more of that, which could lead to all kinds of problems. Forget memorizing passwords—somebody could just pull that data from a brain scan.
The military is also working to help veterans better deal with trauma and PTSD. They’ve found that certain neuropharmaceuticals can isolate somebody’s traumatic memory and wipe it away, or at least push it down and minimize it.
And this is happening now.
So, if we can already erase traumatic memories, what other memories might we be able to erase in the future? Once organized crime figures out how to do this, I could see a horrific scenario wherein somebody is kidnapped and threatened that unless they pay an exorbitant sum, their lifelong memories of their wife or daughter would be erased.
We’re a long way away from that, but since you asked me to look into the future, that’s something that I would be concerned about.
Hackers Steal Up To $1 Billion From Banks
A hacking ring has stolen up to $1 billion from banks around the world in what would be one of the biggest banking breaches known, a cybersecurity firm says in a report scheduled to be delivered Monday.
The hackers have been active since at least the end of 2013 and infiltrated more than 100 banks in 30 countries, according to Russian security company Kaspersky Lab.
After gaining access to banks’ computers through phishing schemes and other methods, they lurk for months to learn the banks’ systems, taking screen shots and even video of employees using their computers, the company says.
The hackers seem to limit their theft to about $10 million before moving on to another bank, part of the reason why the fraud was not detected earlier, Kaspersky principal security researcher Vicente Diaz said in a telephone interview with The Associated Press.
The attacks are unusual because they target the banks themselves rather than customers and their account information, Diaz said.
The goal seems to be financial gain rather than espionage, he said.
“In this case they are not interested in information. They’re only interested in the money,” he said. “They’re flexible and quite aggressive and use any tool they find useful for doing whatever they want to do.”
Most of the targets have been in Russia, the U.S., Germany, China and Ukraine, although the attackers may be expanding throughout Asia, the Middle East, Africa and Europe, Kaspersky says. In one case, a bank lost $7.3 million through ATM fraud. In another case, a financial institution lost $10 million by the attackers exploiting its online banking platform.
Kaspersky did not identify the banks and is still working with law-enforcement agencies to investigate the attacks, which the company says are ongoing.
The Financial Services Information Sharing and Analysis Center, a nonprofit that alerts banks about hacking activity, said in a statement that its members received a briefing about the report in January.
“We cannot comment on individual actions our members have taken, but on balance we believe our members are taking appropriate actions to prevent and detect these kinds of attacks and minimize any effects on their customers,” the organization said in a statement. “The report that Russian banks were the primary victims of these attacks may be a significant change in targeting strategy by Russian-speaking cybercriminals.”
The White House is putting an increasing focus on cybersecurity in the wake of numerous data breaches of companies ranging from mass retailers like Target and Home Depot to Sony Pictures Entertainment and health insurer Anthem.
The administration wants Congress to replace the existing patchwork of state laws with a national standard giving companies 30 days to notify consumers if their personal information has been compromised.