Criminal intent: How the ‘Internet of Things’ can also be a threat
Chang
5G is the newest set of technologies for broadband cellular networks, making mobile phones, homes, fridges and even toilets smarter and more efficient.
The technologies open many doors for us, as it’s much faster and more stable. More homes are now built as smart homes using 5G technologies, including lighting systems and energy control.
You can now open a door through facial recognition or voice recognition. You can ask your Google Home to start the coffee machine. You don’t have to leave your warm bed to raise the blinds, or worry that no one at home has watered the garden.
Of all the applications, I like the 5G smart fridge. You’ll no longer need to come up with a shopping list or make orders online – your smart fridge can do that for you. I also like the 5G driverless car – all the sensors and computers in the car will make your drive more comfortable and safer.
And one day, I believe soon, your fridge will be able to communicate with your car to take you to a bottle shop to pick up beers because your beer in the fridge is running low!
The smart toilet is also a great invention, although we know many people are already using semi-smart toilets, especially in Japan.
5G equips the toilet with more functions. We’re starting to see the use of the smart toilet as medical equipment. While you’re doing your business on the toilet, it can at the same time do some testing and send the result to your doctor to monitor your health issues.
This is especially useful for people who have chronic conditions and need regular monitoring. Now they don’t have to go to the clinic or pathology service – the toilet does the job.
‘Everything is hackable’
These all sound very promising and show that 5G technologies can bring many benefits to our everyday lives. The “Internet of Things” (IoT) will definitely make our lives easier.
But we shouldn’t ignore the negatives. There’s an “Internet of Things”, but also an “Internet of Threat”. Since everything is now connected, that means everything is hackable. Better technologies create a great opportunity for hackers, and open a great future for cyber criminals.
Read more: Justice and the internet: the rise (and risks) of the online vigilante
Back in 1999, Harvard law professor Lawrence Lessig wrote a book called Code and Other Laws of Cyberspace, in which he argues the internet was not originally built for commercial use, and therefore potential security problems weren’t emphasised at the beginning of its development. While we think we can all learn from history, we often fail, and we can now see that while developing the new 5G applications, security and safety concerns weren’t always taken into consideration.
This might be because the developers don’t want to think about security issues, as it might impede the development or the selling of the product if they put security in the front line.
It might also be that the developers don’t foresee that these applications can be used in unintended ways. Criminals are usually the smart ones.
So, what’s the connection between the 5G “Internet of Things” and cybercrime?
I put cybercrime in two categories – cyber-dependent crime, and cyber-enabled crime.
Cyber-dependent crime emerged after the internet was invented in the 1980s. It needs the technology and the internet. Examples are hacking, distributed denial of service (DDOS) attacks, and botnets.
Data on hacking trends towards home automation devices tells us that almost everything is now hackable in the house. There are also cases we know of where devices have been hacked and used as a bot-infected computer to launch cyber attacks. We can also see that IoT botnets are on sale cheaply on the dark web.
Bringing the spam
Crime as a “service” is also becoming more and more popular, as spam or unsolicited messages are now also linked with IoT devices.
Smart fridges are becoming a target for spam. Some owners in China complained about the advertisements and unsolicited messages broadcast on their fridges, and they were told by the device manufacturer that they had to join as a premium member to allow them to turn off those advertisements. (I wonder if those companies learnt this from YouTube!)
These so-called “cyber-dependent” crimes are to be expected, and are nothing new. The new development is that it’s getting worse, and might end up having a great impact on our lives.
What’s less discussed is the impact of the IoT on what we call “cyber-enabled” crime. This is traditional crime facilitated by new technology – for example, online scams, dissemination of pornography or child sexual material, or exploitation materials.
I believe privacy invasion is certain to be a problem in the era of 5G and beyond, as every IoT device that comes with audio/video functions can easily be used to monitor people’s lives.
Virtual reality is going to be a massive trend. Facebook has changed its company name to Meta, preparing itself for the future of the metaverse.
We need to think about issues relating to sexual assault online in this context. If someone raped another person in the VR world, is it rape? This is like an episode of the Netflix show Black Mirror – though it might seem quite far from us, this is what will happen in the very near future.
Read more: Spyware, and the future of public-private collaboration against cybercrime
One important factor is the connection between the IoT and domestic violence. We’ve started to see that abusers use IoT devices to control their partners by denying them the right to turn the machine on or off, or tracking them without their understanding – for example, most cars are now linked to a mobile phone, and the user can easily track where the car is. This can lead to coercive control.
Unfortunately, most of the car or phone designers don’t see these technologies being used in a negative way.
The biggest concern is if the IoT devices become “killware”. As this piece explains, killware could be used by cybercriminals in the “hijacking, for instance, [of] a car and deliberately forcing a malfunction”.
Killware has already been discussed widely in the context of protecting critical infrastructures. It’s possible that cyber terrorists or extremists might use malware to cause death. But now it can potentially happen to any of us. A homicide might be conducted without using violence, guns or knives. It is even possible that a smart toilet and linked medical devices could be hacked to kill.
Early action is the key
We can all agree these are scary scenarios. We need to take action now to prevent them from happening. It’s no longer about what existing laws and norms can regulate. It needs more close collaboration between the public and the private sector, but we first need more research on how we enhance this public-private collaboration without handing the private sector too much power.
We also need to raise more awareness, because these are everyday devices in the hands of ordinary consumers. As we all know, there’s always a possibility for the devices to be used in a negative way, which we can’t prevent in the design. That means it’s increasingly important to provide warnings to the user, as well as knowledge on how to avoid becoming a victim.
Crime is very good at following opportunities – and the evolution of technology is a significant opportunity.
About the Authors
-
Lennon chang
Lennon researches crime and governance of cyberspace – cyber crime, cyber terrorism and cyber warfare, particularly in the greater China region. He's currently researching internet vigilantism as well as cybercrime and cyber-deviance among juveniles in the Asia-Pacific region. He's the vice-chairman and co-founder of the Asia Pacific Association of Technology and Society and featured in the recent 'A Different Lens' cryptocurrency series.