Future malware could harm bytes, bone and brain

Wearable devices raise risks for damages from bad actors

Wearable computers and use of augmented reality could increase the consequences of cyber attacks for people in the near future, according to a report released this week by a pair of cyber security organizations.

The line between digital and analog harm will become fuzzy in 2020, predicted the report, "Scenarios for the Future of Cybercrime," prepared by the International Cyber Security Protection Alliance and the European Cyber Crime Centre.

"Evolved threats to critical infrastructure and human implants will increasingly blur the distinction between cyber and physical attack, resulting in offline destruction and physical injury," the report said.

"Moreover," it continued, "increasing incorporation of augmented and virtual reality technologies into daily life has the potential to result in cyber crimes which entail psychological harm to individuals."

[Despite hack, security experts urge no fear of Google Glass]

The report, which includes a number of potential scenarios of life in 2020, said face-to-face meetings in the future could be conducted by virtual executives, which may give new meaning to the phrase "empty suit."

"Advances in virtual reality facilitated by 3D tracking, cognitive neuroscience and haptic interfaces have enabled the development of technology that maps speech and behaviorisms onto virtual or robotic representatives, potentially succeeding in remote business interactions where video conferencing and virtual worlds have failed," the report noted.

Although that technology, after the initial costs of set up, can save businesses money on plane tickets and hotel stays, the report acknowledged there may be resistance to it. "[I]t remains to be seen whether corporations heavily reliant on trust and personal relationships will take to it, and there have already been incidents of criminal interception, manipulation, and eavesdropping for profit," it said.

Admittedly, the remote presence and virtual reality technologies identified in the report may just be entering the mainstream in 2020 so their potential for good – and bad – won't be fully realized at that time. "It is reasonable to speculate, however, that the level of interaction of truly immersive technologies with human cognitive processes will bring new harms (especially psychological) as well as benefits," the report noted.

It also predicted a society in 2020 on the doorstep of the one described in William Gibson's prescient novel Neuromancer. "While the vast majority of today's Internet users would baulk at the idea of receiving a brain or retina implant, mainstream adoption of augmented reality, virtual reality and sensor technology may prime 2020's younger generations for uptake, and desensitize them to some of the possible attached risks," the report said.

Not only does the report ask how cyber threats can be fought in the future, but who will be fighting them, explained ICSPA Chief Executive John Lyons.

"To meet the challenges of cyber crime, we need to become more creative and flexible," he said in a statement. "We must make sure law enforcement, criminal justice, governments and business pull in the same direction, but they have to do so without trampling on their citizen's expectations of privacy and anonymity."

If privacy is challenging now, it will be even more so in 2020. "The future reality of large scale Radio Frequency Identification (RFID) deployment, global sensor proliferation, aggregation of data and highly personalized, augmented services will require the legal frameworks for privacy and security to further adapt," the report said.

The future of privacy and security is brought front and center in the report, observed Raj Samani, vice president and CTO for McAfee EMEA. "It says it's great that we're moving to these fantastically connected devices, but we have to be aware that the risks here are going to be quite significant," he said in an interview.

"That's why we have to think about security now when we're designing all these great solutions," he added.

An important part of the report is identifying and securing the seams, or joins, in a massively connected society. "It's about where networks and services and applications touch each other," Rik Ferguson, global vice president of security research at Trend Micro, said in an interview. "That's where some of the weakest points are."

Overall, the report displays the kind of forward thinking not typically found in security circles. "It's looking down the road at an increasingly cyber future and what that will involve in terms of abuse of technology," ESET Security Evangelist Stephen Cobb said in an interview.

"All too often," he added, "we're heads down fighting current cyber crime and not looking at the path down the road."

To comment on this article and other CSO content, visit our Facebook page or our Twitter stream.
Insider: Hacking the elections: myths and realities
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.