The Pegasus Threshold
Thinking Malware and the Future of the Internet
The discovery of Chrysaor (called Pegasus on Android operating systems), an extremely sophisticated malware virus, officially heralds the age of malware designed around the artificial intelligence (AI) paradigm. The beginning of malware that 'thinks,' AI-based malware can quietly exist on your computer or on your phone or other Internet enabled devices, undetected by anti-virus and anti-malware software. It can learn not only the patterns associated with this protection software, but also patterns associated with the user. In this mode it can gather data, install and uninstall itself when needed, foil or disable detection algorithms, and continue to become ever more savvy about the system it is infecting.
The implications are, of course, that this technology will grow by leaps and bounds because there will be great demand for it; not only by hackers, thieves and miscreants, but governments and large corporations will want their versions so that they can collect sensitive information about competitors or political rivals, or people who might not agree with them.
I should think that this kind of malware will be mainstream within five years, as its sophisticated precursors are already in use right now. And within ten years, I would guess, the web will be rife with this kind of menace, finding ever more sophisticated ways onto devices of all kinds.
With literally everything being connected to the Internet of Things (IoT), one begins to wonder about risks. Cyberspace could get interesting, and relying on the Internet for things like one's livelihood and critical needs like banking, bill paying and research, stands to get increasingly dicey. If your computer could be hacked at will, would the web still be worth its oracle-like and time saving conveniences, or its social interaction turbo-charger?
It's always interesting, too, to speculate about huge Internet-based companies whose business relies on, of course, the Internet. In fact, one might notice the quiet expansion going on among larger internet corporations into other interests beyond the web.
Who would be willing to continue using the web when highly sophisticated AI-based malware viruses become commonplace, compromising all of your personal transactions as well as putting you at risk to be the victim of a sophisticated ransomware attack, or a direct assault on your personal information?
Did I hear you say not to worry, that there would be sophisticated AI-based anti-malware software to combat these? There most definitely will be. Except the rules will have changed dramatically; the malicious target is a moving one this time, able to morph and change in nanoseconds based on its ever evolving intelligence gathering. The goal of AI design is to mimic human learning and make decisions based on ever-changing information. How will you know that your anti-malware software is actually 'seeing' the smart-virus right under its nose that, coincidentally, continues to learn more and more about the behavior of this very same software that's supposed to be protecting you?
It is hard not to see the writing on the wall. We will soon be reaching a critical threshold and will be forced to adapt, one way or another. The quite flatulent elephant in the room is that the Internet has always been a candle in the wind. It's not too difficult to envision the wind stiffening in the very near future.
