Will emotions be hackable? Exploring how cybersecurity could evolve
At a Passcode event, the Center for Long-Term Cybersecurity at the University of California, Berkeley unveiled a series of scenarios exploring the various alternate futures of the Internet.
In 2020, roving gangs of criminal hackers may reign supreme on the Internet. Hired guns will keep your data safe – or at least try to.
And when it comes to data tracking and analysis, so much personal data will be collected and analyzed that companies will have repositories of emotional histories. Instead of revealing tax returns, presidential candidates may even present emotional histories to prove how they perform under pressure.
Those are among the ideas the University of California Berkeley's Center for Long-Term Cybersecurity (CLTC) explores in a report released last week modeling the state of the Internet and digital security in 2020.
"We’re beginning to isolate the most critical uncertainties that will impact cybersecurity," said Steven Weber, who directs the CLTC and coauthored the report, which was presented at an event Passcode hosted in Washington. "We’re trying to get people to plan for the landscape."
Here are a few key takeaways from the event:
1. Connected devices collect even more personal information – but could also provide tremendous societal benefit
In just a few years, wearables could track and collect your deepest secrets – recording a real-time profile of your feelings. "In 2020, a presidential candidate isn’t going to release her tax returns, she’s going to release her emotional decisions," said Mr. Weber. "You’re going to be able to audit that."
But cybercriminals, governments, or advertisers could use or even steal that personal data to manipulate your feelings in real-time – whether to encourage you to buy specific products or even psych you out in a sports game.
With the rise of the Internet of Things, consumers may need to become savvier about what sort of data is being collected about them, and who has access to that information.
"People will behave a lot more strategically," said Ed Felten, deputy US chief technology officer. "I think you’ll see people think about what image they’re portraying. I think this is one of the things that happens as behavioral observations get built in [to devices]."
2. We're all going to have to learn to live with cybersecurity risk
"Consumers are beginning to realize that they are the product," said Jeff Moss, the founder of the Black Hat and DEF CON hacker conferences, as tech companies collect people's personal data, in some cases to sell to advertisers to keep their businesses running and offer free services.
And in the future, people may be become even more comfortable with losing control of their information.
"We know that we have to have a cellphone, but people can get access to your location data," Mr. Moss said. "There’s so much given up with having a cellphone, but good luck living without it. You just have to accept that risk."
But deciding to step back from the Web given the uncertainty of what the future might hold is a mistake, especially since connected technology will be inextricable from daily life, said Mr. Felten.
"I think [pulling back] is a huge loss of opportunity because people have a tremendous amount to gain from technology," Felten said. "You can’t really secede from the digital world unless you move out into a cabin in the woods."
3. To prepare for the Internet of the future, let's talk about it differently
Cybersecurity has been in the American pop culture narrative at least since the release of "WarGames" (1983) and "Sneakers" (1992) – but still, there’s very little agreement on how to describe today’s digital landscape.
"There has to be a way to create a language set that’s specific and concrete, accurate and urgent," said movie producer and screenwriter Walter Parkes, who cowrote both of those films.
"We’re dropping 'cyberbombs' on ISIS," he said, referencing Deputy Secretary of Defense Robert Work's comments on the US military's campaign to stop the Islamic State. "What in the world does that mean?”
With so many breaches happening now, cybersecurity awareness is growing, said Nate Fick, chief executive officer at the cybersecurity company EndGame. That could improve the quality of public discussion as more people understand the impact of cyberattacks on business and society.
"Within companies, we’re getting better at telling the narrative of why [cybersecurity] matters," he said. "The heat gets turned up when CEOs get fired because of data breaches."
4. Companies should think twice about 'hacking back'
As more data is collected than ever before, criminals of the future will have even more enticing targets. But companies that try to counterattack to actively stop attacks or steal back their data could only make things worse.
"First, hacking back is illegal, which should be enough, but it’s not enough,” said Mr. Fick. "It’s the equivalent of bringing a knife to a gunfight. Do you think you can win against [China's People's Liberation Army]? Do you think you can win against the Russian Mob? I would argue that you can’t."