Future and Present of Hacking

In publishing and graphic design, Lorem ipsum is a
The future of hacking, like the future of technology, is always squirming, breeding and morphing just beyond the normal person’s line of sight. Thus, we don’t generally see a new threat rising until the fully-grown beast charges. A really interesting and concerning area of hacking is Bio-hacking. Bill Gates once told Wired magazine that if he were a teenager today, he would be hacking biology. Hacking the software of life (DNA) is a prime example of why hacking endures even while computer code has become mere child’s play, he said. The challenge of hacking, controlling and ultimately mastering opportunities once thought beyond the purview of man will always lay beckoning. Biohacking has evolved from taking place only in garages and at kitchen sinks to sophisticated laboratories. Although the Holy Grail is to create life (of the unnatural variety) from scratch, these synthetic biologists are really attempting to mimic DNA code in other types of engineering including mechanical, electrical, chemical and software.
The goals range from enslaving micro-organisms to constructing genetic machines. No doubt some of this activity will be beneficial to mankind as it emerges much like the PC revolution arose from garages. But equally, without doubt, much of the fruit of these labors will be the poison used to hack and attack corporations, governments, and individuals. There will also be an increase in bioterrorism and genetic malware of both the physical and virtual varieties.

“Newer biometric authentication systems will replace passwords, quite possibly with a mix of ocular and filial credentials,” said Kurt Baumgartner, a senior security researcher at Kaspersky Lab. “Whatever the credential replacement is, we will see cybercriminals respond with devices that parallel ATM skimmers of today. Iris skimmers and spyware that steals identification information provided by [a person’s] eyes will be implemented and distributed.”

For most people, it will feel like genetic miracles, machines and monsters appeared out of nowhere and the future hit them full in the face with absolutely no warning.

Is it any wonder then that our security measures will fall short?

“The adoption cycle of new technology is staggering, and the primary threat is not the evolution of the traditional threat, but new forms of abuse,” said James Lyne, senior technologist at Sophos. “The challenge is that we’ve seen a significant reduction in adoption times for new technologies and it’s become increasingly difficult to identify issues before they appear.”
“Beyond the benefits and scares we will soon receive, there are the less adventuresome, but equally troublesome and far more common hackers to guard against now”.
Here is a partial list of the dangers they are cooking up:

Malware targeting virtual machines

“Security researchers have long used virtual machines (VMs) to isolate and analyze malware.”
“Many breeds of malware today can detect if they are running within virtual machines and make adjustments or shut down altogether in order to evade detection, but only a few proof of concept viruses have actually attempted to break free into the host machine,” explained Fred Touchette, senior security analyst at AppRiver. “We expect to see more of these in the near future.”

RFID bandits

Radio frequency identification (RFID) provides many opportunities for potential exploitation. RFID systems, like most electronics and networks, are susceptible to both physical and electronic attacks. As the technology matures and becomes more widespread, so do hackers who aim to gain private information, entrance to secure areas, or take a system down for personal gain. Typically, these exploits will be aimed at the various uses of RFID in supply chain, retail transactions, counterfeiting/cloning, and the ability to defraud physical access such as public transportation.
After all, RFID is just another medium in the electromagnetic spectrum that stores, accesses and enables the use of data. Today, data and the use of data are more valuable than money to any hacker.
“Consequently, RFID adoption creates a new ability to carry out the current and future goal of any criminal or nation state which is using collection, dissemination and use of data to achieve their goals,” said Rich Baich, principal in the Security and Privacy practice of Deloitte & Touche. “These goals will be geared toward economic gain, political influence and projection of power.”

Logic exploits

Logic vulnerabilities are high on the emerging hit list. “Identification of defects in business logic is the next frontier for application, software security,” said Raf Los, Web Application Security evangelist, HP Software. “As organizations understand how to secure their code against programmatic errors, including SQL injection and cross-site scripting (CSS), attackers will inevitably move on to attacking application logic.”

ATM attacks

Researchers from information-security consulting firm Positive Technologies looked at 11 different models of ATMs made by NCR, Diebold Nixdorf and GRG Banking, set up in 26 different configurations, and found that ATM security is a stinking mess.
Every single ATM the researchers examined was vulnerable to software-based attacks, not all of which involved opening up the ATM cabinet. All gave up customer card data in one way or another; 85 percent, or 22 of 26 ATMs tested, let you hit the jackpot and walk away with stolen cash without cracking open the safe.
“More often than not, security mechanisms are a mere nuisance for attackers,” the Positive Technology Report, said. “Testers found ways to bypass protection in almost every case.”

RAM scraping

“For years everyone has been locking down databases since they are the source of information, but now hackers that can breach a server can get an application less than 1MB in size on the server and capture all the data as it is written to RAM before it goes to a database,” said Chris Drake, CEO of FireHost. “An application like this can also capture data (such as credit card numbers) that don’t even go into a database, but that are processed by a third party provider. RAM scraping will be a huge concern as it gains more popularity among the hacker crowd.”

Dark Knight attacks

From Microsoft Kinect to smart phones, everything is connected to the Internet and comes equipped with microphones, video cameras, gyroscopic feedback, and GPS. “In the movie The Dark Knight, they hacked into every cell phone to build a live three-dimensional image of everything happening within Gotham City,” explained Harry Sverdlove, CTO of Bit9. “The technology to do this is within reach today. Through facial recognition, speech pattern identification, and geo-location feedback, future hackers could raise ‘targeted attacks’ to a new level.”
The most important thing to understand is that hackers evolve faster than technology needed to stop them. Indeed, they are the catalyst for the next wave of security technology. We will conquer and be conquered by the next generation of geniuses, both good and bad, exactly as has happened before.

Explore More