A hack will kill someone within 10 years, and it may have already happened

A hack will kill someone within 10 years, and it may have already happened

wounded actor dead injury New York City Firefighters drag a wounded actor to safety during an active shooter drill on Kenmare St. on November 22, 2015 in New York City. The drill, in cooperation with the Department of Homeland Security, simulated an active shooter situation at the Bowery subway station. Michael Graae/Getty Images

 

As we hurtle forward into the digital, connected future, ever-more objects are becoming targets for hackers and malicious software.

Where once hacks only affected computers, they now bring down everything from cars to power grids, thermostats to secretive nuclear enrichment programs.

So how long until a hack doesn’t just cause a nuisance or monetary losses but actually kills someone?

One well-respected security expert thinks humanity will see its first death as a result of a hack within 10 years – and it may even have already happened.

“It could have happened already, but we don’t know. Stuxnet could already have killed people,” Mikko Hypponen, chief research officer for F-Secure told Business Insider, referring to the sophisticated computer worm that targeted Iranian nuclear facilities that most people believe was developed by the American and Israeli intelligence services.

“We don’t know if it killed people, it’s possible because it caused centrifuges which are filled with uranium gas to break down in the middle of their spinning cycle, so if there are scientists in the room they could’ve died … I guess the Iranians would have told the world if Americans had killed people with the hack.”

“We as mankind crossed a line.”

Hypponen is a highly regarded security expert who has been working in the field since the nineties. He’s a regular public speaker on the subject, once tracked down the authors of the first ever computer virus, and has been profiled by Vanity Fair.

The security executive doesn’t think whether or not someone has died is what’s important. “The important part is the Americans and the Israelis must have understood what they were doing. It could kill people, and they did it anyway. And I think we crossed some line – we as mankind crossed some line – when they made that decision.”

Stuxnet isn’t the only time we’ve seen a hack with potentially fatal consequences. In December 2015, the Ukrainian power grid was taken offline by a devastating hack. Had it gone on longer, or had conditions been worse, it could have easily resulted in a death. “If the power outage had gone for longer, yeah we would’ve had people starting to die for many different reasons. Hospitals starting to fail, or just people starting to freeze because it’s December.”

Like Stuxnet, nation-state-sponsored hackers are suspected, with investigators pointing pointing fingers at a Russia-based team.

Ordinary hackers aren’t about to start trying kill you…

mikko hypponen f secure hacking Mikko Hypponen spoke to Business Insider at the InfoSec Europe security conference. Rob Price/Business Insider

 

While the connected world gives ever-more opportunities for harmful or even fatal hacking, Hypponen doesn’t think ordinary hackers are suddenly going to turn into murderers. Because why would they?

“Then we get to the next question: Who would do it and why? People have these notions of evil hackers doing stuff like that, but that’s actually not likely to happen. Hackers don’t want … to kill people. It’s also illegal to kill people.”

Hackers will continue to be motivated by the same things people will always be motivated by – albeit with more tools at their disposal. “Driving people off the roads in their connected cars? It could be done, but I’m not worried about it.”

Hypponen is more worried about people exploiting vulnerabilities to steal cars. “Killing people is a bad idea. It doesn’t make money. Hackers generally want to get a benefit for their hacks.”

…but they’re not the only ones out there.

Don’t breathe easy just yet. Stuxnet and the Ukranian power grid show there are hackers out there with the capability out there today to cause fatalities, even if just as collateral damage. There will certainly be more attacks like them.

ISIS Islamic State Religious extremists may well be the first to kill people with (or as the result of) a hack. Reuters

 

And there are some out there with malicious damage and human harm as their primary aim. “Who would be interested in doing hacks where people suffer? Well, extremists – ta da! – Islamic State, or any other group which has the know how and has the will to do evil like this. And this is why I’m really glad to see the US military is taking the risk of extremist hacking so seriously. They’ve now drone-killed two hackers with drone strikes – two UK citizens by the way.”

Whoever the hacker and whatever the reason, deliberately or accidentally, it’s going to happen, Mikko Hypponen says – within a decade.

“Ten years. Within ten years. Could be five.”

 

 

[Business Insider]

June 12, 2016 / by / in , , , , , , , , ,

Leave a Reply

Show Buttons
Hide Buttons

IMPORTANT MESSAGE: Scooblrinc.com is a website owned and operated by Scooblr, Inc. By accessing this website and any pages thereof, you agree to be bound by the Terms of Use and Privacy Policy, as amended from time to time. Scooblr, Inc. does not verify or assure that information provided by any company offering services is accurate or complete or that the valuation is appropriate. Neither Scooblr nor any of its directors, officers, employees, representatives, affiliates or agents shall have any liability whatsoever arising, for any error or incompleteness of fact or opinion in, or lack of care in the preparation or publication, of the materials posted on this website. Scooblr does not give advice, provide analysis or recommendations regarding any offering, service posted on the website. The information on this website does not constitute an offer of, or the solicitation of an offer to buy or subscribe for, any services to any person in any jurisdiction to whom or in which such offer or solicitation is unlawful.