The nature of crime is quickly evolving. Photo / Getty Images
A peculiar feature of new technology is that criminals are often among the first users.
Maybe there are lots of smart criminals – or smart people who have fallen prey to criminals – but maybe it’s also to do with two other factors: lawmakers and law enforcement agencies are constantly looking for ways to stop crime, so criminals have to constantly innovate too.
The second factor is that the new technology may not yet be regulated, or regulations are not yet sophisticated enough to withstand the criminals.
Mariam Elgabry summed it up in an article in Systematic Reviews, noting: “When new technologies are developed, it is common for their crime and security implications to be overlooked or given inadequate attention, which can lead to a ‘crime harvest’.”
Speaking at the 2019 Singularity University Summit in Christchurch, a cybercrime expert noted that, despite the malicious use of new tech by criminals, he remained optimistic about the future. And although some of his stories amazed the audience, some fell into the “obvious in hindsight” category.
Remember Pokemon Go? It took over the world for a while as kids hunted virtual Pokemons geolocated in the real world. A cool mashup of different technologies into an irresistible game. Parents even liked it because at least it involved physical activity.
All good, but one of the earliest uses was by criminals who hacked it to direct fans down darkened alleyways where they could be mugged.
Pokemon Go wasn’t the only tech put to criminal use. Can you guess the first commercial use for drones? Most would probably assume military use or deliveries, but the truth is far more nefarious.
In fact, the first uses were ferrying drugs across borders and over prison walls. Fast forward, and security expert Marc Goodman was quoted recently in Wired talking about how Mexican narcos are now hiring drone engineers directly from aeronautical engineering colleges.
The Singularity speaker told us that the use of new technology by criminals tends to grow exponentially – following Moore’s Law – so it’s only fitting to call these early adopters “Moore’s Outlaws”.
A good place to look for Moore’s Outlaws might be in areas where disruptive technologies are expanding exponentially. The subtitle of Azeem Azhar’s 2021 book Exponential applies to new crimes just as much as to our own new behaviours: “How Accelerating Technology Is Leaving Us Behind and What to Do About It”.
Azhar picks four key technologies: “Between … computing, energy, biology and manufacturing … it is possible to make out the contours of a wholly new era of human society.”
But will that new era be riddled with new crimes?
One estimate I’ve seen suggests that, if cybercrime were a country, it would have the third-largest economy in the world, and be more profitable than the illegal drug trade and human trafficking combined.
We have seen the democratisation of computing over the last 20 years. Computing – almost a quaint word now – is intrinsic to the life of anyone born today.
We are acclimatised to cybercrime such as having our identities or bank accounts hacked, stealing cryptocurrencies, phishing, deep fakes and so on.
But the criminals never stop innovating. Just as we got used to the “email from the boss” scam, we have Theodore F Claypoole in the National Law Review (March 2021) explaining how European crooks used AI voice software to mimic the voice of a chief executive. That led to a UK executive moving money from a Hungarian bank to Mexico, where it disappeared into the ether.
Claypoole referred to a 2020 University College London (UCL) study in which experts ranked fake content as the most troubling use of AI: “Fake content would be difficult to detect and stop, and … it could have a variety of aims – from discrediting a public figure to extracting funds by impersonating a couple’s son or daughter in a video call.”
Daphne Leprince-Ringuet drew on UCL research too in an article called Evil AI: These are the 20 most dangerous crimes that artificial intelligence will create. Some segue into terrorism, like using driverless vehicles to deliver explosives or to run people over; others are more insidious, like introducing bias into databases.
The democratisation of computing means cybercrime has also been democratised. Claypoole notes that digital crimes “can be easily shared, repeated and even sold, which would allow tools to be marketed ‘and for the crime to be provided as a service’, therefore outsourcing the most technically difficult aspects of the crime”. In fact, there has been a proliferation and democratisation of hacking tools.
In 2020, Europol suggested a schema for malicious use by criminals of AI beyond deep fakes, listing five examples: convincing social engineering attacks at scale; document-scraping malware to make attacks more efficient; evasion of image recognition and voice biometrics; ransomware attacks, through intelligent targeting and evasion; and data pollution, by identifying blind spots in detection rules.
More optimistically, it also had five suggestions for how to combat these crimes: use AI to fight back; more research into how to do that; develop secure AI design frameworks; de-escalate politically loaded rhetoric on the use of AI for cybersecurity purposes; and leverage public-private partnerships and establish multidisciplinary expert groups.
The cost of wind, solar and other renewables is dropping exponentially, and the spread of affordable batteries is solving the problem of those technologies being prey to wind and sun conditions.
Dastardly renewable energy crimes are already occurring. In 2013, a driver in the US state of Georgia was jailed for stealing 5c of electricity after he plugged his Leaf into a school outlet (what would have happened if he’d plugged his iPhone in?). The police said “A theft is a theft”.
Maybe that story is silly, but in 2019 a Florida driver got away with parking his Tesla on a stranger’s front lawn and plugging it in for 12 hours while he went partying. He was warned by police but didn’t have to pay the homeowner for the power.
Maybe that story is cheeky, but what about security flaws in chargers? Aria Almalhodaei wrote about this poorly regulated area where some chargers allow criminals to access your Wi-Fi network, or more ominously to act like mobile phones infected with a virus and spread mayhem, including to IoT networks or the electricity grid.
In January 2021, Financier Worldwide Magazine explained how the “energy and natural resources sector has global, fast-moving and dynamic markets”. The move to renewables is making this even more complex, including the use of government regulations and subsidies.
One example is Mexican drug cartels pivoting to mining theft or corruption. It’s already happened with gold, silver and iron, and there are fears it will happen with lithium mining, which tends to be in remote locations.
A famous example of criminals exploiting government intervention is the “ecomafia” in Sicily. The European Union and the Italian government provided huge state subsidies for wind and solar power (and guaranteed the world’s highest rates), and much of this went to plants in Sicily because it’s windier and sunnier than other parts of Italy. By the early 2010s, authorities had seized a third of the island’s 30 wind farms and a few solar plants, frozen more than US$2 billion in assets, and arrested dozens of people.
Claudio Deiana and Andrea Geraci, in a 2021 paper called Are Wind Turbines a Mafia Windfall? The Unintended Consequences of Green Incentives, highlighted the “risks of criminal infiltration of the green energy sector, especially when incentive schemes are insufficiently competitive and overly generous”.
In 2013, NetZero Watch reported how the British tax office arrested seven people in London in a suspected £38 million VAT fraud in the European market in carbon allowances.
They quoted Kiwi Bryan Leyland, as NZ Climate Change Science Coalition economic panel chair: “To my knowledge, carbon trading is the only commodity trading where it is impossible to establish with reasonable accuracy how much is being bought and sold, where the commodity that is traded is invisible and … where both parties benefit if the quantities traded have been exaggerated … It is, therefore, an open invitation to fraud and that is exactly what is happening all over the world.”
Azhar believes the pace of progress in biotech makes that in energy look glacial. He cites how the cost of the first human genome sequencing – in 2000 – was about US$300m, with further refinement taking it to nearly US$1b. By 2001 that was down to about US$95m, less than US$1000 in 2019, and about US$100 in 2020. That’s way faster than Moore’s Law of halving every 18 months.
Genome sequencing is just one area of biotech where progress is quickening. Another is synthetic biology (a mashup of computing, biology, electrical engineering and biophysics to create new biological components and systems) which Azhar says “is on an exponential march – one that is churning out breakthroughs in agriculture, pharma, materials and healthcare”.
Just as biotech offers exhilarating possibilities around the elimination of cruel diseases, it also offers chilling possibilities for new crimes.
Elgabry looked at crime and synthetic biology and listed some horrific possibilities such as new viruses, or “genetic genocide” where a biological vector targets a specific ethnic group.
We hear a lot about CRISPR, the gene-editing technology. It’s a wonderful tool to replace damaged genes with healthy versions, and may one day help fix genetic diseases like cystic fibrosis.
Basic CRISPR kits can now be bought online for a few hundred dollars or less. Can they be used to alter a criminal’s DNA to outfox forensics investigators? The answer seems to be “maybe”, but it would require an extreme intervention. Plus, as one commentator put it, “to fully evade DNA forensics you would … likely have to make much more extensive changes (ie skin, semen, hair, blood, cheek cells)”.
Biotech also gives rise to some weird regulatory and enforcement challenges. An article by the World Future Society way back in 1992 posed some fascinating questions. If an android with a human brain goes berserk, should it be returned to the factory, imprisoned, or put in therapy? If a clone behaves badly, what should happen to its fellow clones? If a human who has received pig genes as part of a medical procedure misbehaves, should they be tried or just “put down”?
All a bit silly, but there are lots of other more plausible questions. What does “life imprisonment” mean for someone whose lifespan has been doubled, and who should pay for it? Would it be an option to reverse the enhancement by speeding up the ageing process? We know most violent crime is committed by young men – would it be an option to “sentence” them to become a more sedate 50-year-old? Or be forced to have a behaviour control implant (and how would that be different to behaviour control medication)?
One recent example of biotech testing legislation was the case of Chinese scientist He Jiankui, who created the world’s first gene-edited babies in 2019. It drew universal condemnation around the world, but the legal situation was not completely clear. Some countries such as the UK have long had legal frameworks for such technology – transferring a genetically modified human embryo for gestation carries a penalty of up to 10 years in prison – but they are not universal. In China, He Jiankui was eventually sentenced under the heading of “illegal medical practice”.
David Cyranoski, in Nature in 2019, raised the issue of regulations struggling to keep up with new developments in the context of mitochondrial replacement therapy, a controversial procedure used to correct genetic defects and boost success in pregnancies. It’s widely banned, but he found clinics in five countries offering the service. Are the scientists concerned mavericks or criminals?
I’m not sure if nanotech should be classified as biotech, but it’s another area where advances open up grim possibilities. Lucas Bradley, in a paper about regulating weaponised nanotechnology, explains how nanotech is altering “conceptions of surgery, mechanisation, and construction”.
He also warns about how nanotech will be difficult to trace, could be unpredictable, carries risks of grave biological harm, could be used to infiltrate systems with malign intent and may be able to self-replicate.
Nanoethics.org warns of torture by disassembling a human at the molecular level, ethnic cleansing, mind control/slavery and eavesdropping, as well as new environmental crimes. A common nanotech is carbon nanotubes (20 times stronger and lighter than steel) which look like asbestos fibres – what happens if they make their way through the food chain?
These troubled geopolitical times have shown location to be critically important (chip factories in Taiwan?). On the hand, Azhar says the container age has peaked with the emergence of commercial additive manufacturing. Intangible assets represent an increasing portion of the value of products (a $1000 iPhone has only $400 of parts), meaning it now makes sense to manufacture locally in places with high labour costs. This trend will be exacerbated by the increased prominence of carbon miles.
Azhar quotes Terry Wohlers, an analyst in the field, saying the 3D printing market grew 11 times in the decade to 2019 – a rate of 27 per cent per annum, and Azhar himself predicts the sector will see performance improve 14 times by 2030, with prices dropping accordingly.
Europol has identified 3D printing as ripe for criminal abuse.
When Cody Wilson posted blueprints for a functional plastic gun on the internet in 2013, they were downloaded 100,000 times before the US government intervened. Blueprints for lots of 3D-printed weapons have been posted since.
Apart from the risk of unregistered and illegal weapons proliferating, there is also the risk of guns being made entirely of materials that cannot be detected by x-ray machines. One was detected in the US only because it contained live rounds. Another risk is the possibility of weapons being printed to look like innocent articles such as a shoe.
The Economist asks what it means for customs authorities. Should their focus shift to controlling the transmission of plans and materials across borders? Challenging, because even the regulation of 3D designs has been disrupted by the James Bond-sounding Disarming Corruptor. It’s a software tool that disguises blueprints to avoid detection by IP-protecting algorithms,
Security is another area subject to 3D printing crime. A German hacker printed keys for high-security handcuffs. MIT students CT-scanned locks, then printed keys. Criminals across the world have printed devices to hack ATMs, such as fake facades. 3D-printed faces for facial recognition may not be far away.
There’s lots of commentary about the looming possibility of home-printing medication, and how this technology will enable a revolution in printing illicit drugs.
Counterfeiting may be ripe for 3D printing, even sophisticated paper currency or upmarket products like Rolex watches or handbags.
Moving in what Anti Copying In Design (ACOID) calls “the really dark side”, the FBI has examined the risk of printing explosives. Scientists are working on printing bacteria and viruses which of course be misused by bad actors. Columbia University Professor Hod Lipson talks about a possible black market in printed human organs, as well as the risk to patients of criminals deliberately selling cheap, poor-quality organs.
The US National Institute of Justice has identified the risk of thermoplastic polyurethane being printed to replicate a fingerprint, including synthetic warm blood.
Europol’s formula for staying ahead of cybercriminals – using the tech itself in a regulated way to combat its misuse – probably applies to all crime enabled by new technologies. It’s dreary to repeat old saws like the need for eternal vigilance and the like, but it seems inescapable.
Goodman advocates for a civil response. Let’s not leave it up to legislators and law enforcement, but rather treat cyber and other tech-driven crime akin to public health emergencies: don’t try and arrest all the criminals, but “create a self-healing immune system for the internet, so that even if a disease or a virus gets created, it won’t be passed (on)”.
He likes the idea of crowdsourcing law enforcement. Criminals already do this (hackers are one obvious example), so why not have the equivalent of Civil Defence or Neighbourhood Watch to support our government agencies?
An Expert Panel on Emerging Crimes hosted by the Canadian government arrived at some encouraging conclusions. There is no reason to think the current trend of declining violent crime will change. Analysts who emphasise technology don’t understand history. For example, “virtually every kind of crime now conducted through modern communications technology had some equivalent in the telegraph age”, the panel said.
Criminals may be early movers with new technology, but “criminals are generally backwards in their choices of techniques … the real pioneers in using things like communications technology are the police and other agencies of the state”.
Further, it concluded, “criminals who work in groups are often not very thoroughly organised”. Apparently, the Colombian cartels disintegrated into hundreds of groups, and the democratisation of crime will reinforce that trend.
That’s good to hear, given the only law that seems not to need constant updating is the law of unintended consequences.
'I can imagine people being outraged that TVNZ signed a deal with me.'