Cybercrime cost businesses and governments over $1 trillion in 2020, according to security software company McAfee. When we speak of cybercrime, we refer to damage to digital assets – computer files. Cybercrime is quickly moving from the digital world to the physical world.
Our Connected World
Over the past few years, more and more “things” are being connected. Smartphones are connected to the newly-minted smart home via light bulbs and appliances. Factories are adding internet connected parts and machinery. Cars are increasingly run by software. The COVID pandemic is accelerating the trend as people work at home and gain access to physical assets (and not just files) from factories that until recently were “air-gapped” (not connected to networks).
Imagine this scenario: a factory manager has access to a boiler from his home office. He ignores IT cybersecurity rules and a hacker gains access to his laptop. The hacker can theoretically raise the temperature of the boiler and cause damage to physical assets and people.
The Dangers of Hacking the Physical World
Criminal hackers are well aware of the new frontier of physical world hacking. The general public is not. The goal of this article is to inform you of what to expect in the coming years. Cybercrime is dangerous enough today. Adding the element of harming people and “stuff” takes cybercrime to a whole new level. I hope society is ready for the wave that is coming.
Let’s take a quick look at the future of cybercrime.
Imagine hackers capable of distracting drivers. It is enough to generate flashing lights on the dashboard in order to wreak havoc. How about changing code on the software that runs your brakes? Cars are especially vulnerable for two reasons –
1. Cars move fast and can harm drivers, passengers and pedestrians
2. It is not easy to update the software or operating system of a car
The roads are dangerous enough without the added risk of hacking. Furthermore, unlike your phone or laptop, it is not easy to update a car’s software. On our personal devices, it just takes a few clicks in order to fix a vulnerability. For a car, today this translates into a recall – bringing an entire fleet of cars into the shop for updating. Eventually, automotive software and operating systems will be updated while you are not driving.
By definition, factories have physical assets. Increasing or decreasing the temperature of any physical asset can cause harm to other items and to people. Starting up a factory production line can take hours or days. It is enough for a hacker to pause or cease production in order to caused millions of dollars of damage. As mentioned above, the COVID pandemic has opened the door to remote access to many factory production floors. Remote access to factories increases the “attack surface” for cybercriminals.
Use your imagination. Start with “slowing down production of pills” and move onto “changing ingredients”.
Boats and Airplanes
Similar to automotive, boats and airplanes are accident prone. The good news is that the airline industry has been updating software for decades as airplanes don’t go home with the pilots; they are parked in hangars where experienced technicians can fix vulnerabilities.
Everything you order or buy is a part of the world’s supply chain. Disrupting the supply chain can be dangerous. If cybercriminals hack a shipping company, it can slow down supply – everything from jeans to medicine will arrive late to homes and stores.
Hacking the Material World
There are many advantages to our interconnected world. Our smartphones have replaced alarm clocks, calculators, navigation systems, notebooks and so much more. We can do things that were unimaginable just two decades ago. This new amazing frontier comes with risks. We need to protect our digital privacy and decide what we divulge on social media. We are responsible for keeping our mobile devices and laptops secure.
Most of us see the connected world in a positive light. A small minority sees things differently. Let’s hope the cyber police stay ahead of the cybercriminals.