Cybercrime in the year 2030 will be run by computer programs that are intelligent, self-learning and difficult to defend against, two researchers predicted at the RSA Conference Monday (May 17).
Dr. Victoria Baines of Oxford University and Rik Ferguson of information-security firm Trend Micro used existing trends to forecast that society and everyday life will be likely even more wired — and wireless — than today, and that criminals would quickly adapt. Their white paper, "Project 2030," can be downloaded from the Trend Micro website.
- RSA Conference 2021 preview: Everything we expect to see
- This new robot is designed to replace humans — here's how
- Plus: Xbox Series X getting 'mind-blowing' exclusive to fight PS5
For ordinary people in rich countries, Baines and Ferguson predict, wearable devices will monitor health and plan diets. Smart-home devices will talk to each other and coordinate their users' schedules.
Instant access to all the world's knowledge means schoolchildren will no longer memorize facts and figures. As in "Black Mirror," artificial intelligence could even keep human personalities "alive" on social media long after their physical bodies have died.
And fighting cybercrime will entail battling robots that are relentless, smart and adaptive, Baines and Ferguson said. Because repetitive tasks will become much more automated, cybercriminals will let computer programs conduct reconnaissance to find new victims.
"All organizations and sectors of society will make use of artificially intelligent tools," their report says. "This inevitably will include bad actors, be they individuals, criminal enterprises or nation-states."
Previous predictions turned out to be right
Baines and Ferguson cautioned that "the events and developments described are designed to be plausible in some parts of the world, as opposed to inevitable in all." But they said that a similar exercise in 2012, called "Project 2020," ended up being pretty accurate.
Because ordinary lives will be so wired by 2030, all of the aspects of ordinary life can be hacked and lives may be lost. Criminals could change the drugs that are automatically delivered by medical implants, change the information going into smart contact lenses or neural implants, or reprogram cars' navigation functions. Nations will use artificial intelligence to defend themselves and attack others.
"Cyberattacks will be about losing humans, not data," Baines said during the presentation. "By 2030, countries will launch cyberattacks on each other by mistake and without human intervention."
Malware will learn new tricks and adapt to new situations on its own. Algorithms rather than humans will carry out social-engineering attacks, engaging in online conversations with potential victims to trick them out of their money or valuable information.
Industry will be so highly automated that encrypting ransomware will be outmoded. Criminals will instead hack directly into a company's processes and threaten to disrupt operations unless they're paid not to.
Botnets will invade the smart devices in a company's offices to launch attacks from within.
Is that my boss, or is that a deepfake?
Deepfakes will invade workplace teleconferencing, so that you'll never be completely sure whether you're talking to your boss or to a robot. Meanwhile, identity thieves truly will steal your identity, using the massive amount of available information about you to create avatars that will take your place on social media and in online business meetings. In fact, cybercriminals have recently started using deepfakes in job interviews.
"Footage generated by AI ... is now so accurate and so lifelike that citizens are unable to tell the difference between synthetic and authentic content," says the report. "Disinformation has evolved into fully-fledged immersive conversations with artificially generated avatars, capable of changing citizens' minds or even corporate policy."
Baines and Ferguson didn't offer much in the way of defenses that we could use to counter cybercrime in this brave new world. We've got a bit of time to get ready, they noted.
"It is possible to map out the evolution of cybercrime," Baines said during the RSA presentation. "Uncertainty is no longer a reason for lack of preparedness."