Some people are already used to having their personal information exposed in massive data breaches. But the rise of artificial intelligence and connected computers in everything from toasters to implanted medical device could dramatically raise the stakes of digital security.
In fact, they topped a long list of "global threats" that Director of National Intelligence James Clapper unveiled Tuesday before the Senate Armed Services committee.
"The Internet of Things will connect tens of billions of new physical devices that could be exploited," Clapper wrote in his Senate testimony. "Artificial intelligence will enable computers to make autonomous decisions" that hackers could disrupt to cause chaos.
For the nation's spy chief to place those threats so high on his list is a big deal, and it reflects how deeply concerned the intelligence community is about the potential pitfalls of these technologies. But Clapper also found a silver lining, writing in his assessment that the technology can "also create new opportunities for our own intelligence collectors."
In other words, you can expect America's intelligence community to use driverless cars, smart thermostats and automated networks for spying purposes, too. And indeed, in the written assessment Clapper notes that "intelligence services might use the IoT for identification, surveillance, monitoring, location tracking, and targeting for recruitment, or to gain access to networks or user credentials," in the future.
But Clapper appears more concerned about non-sentient machines that can be manipulated by malicious actors. "AI systems are susceptible to a range of disruptive and deceptive tactics that might be difficult to anticipate or quickly understand," Clapper said in his written testimony. "Efforts to mislead or compromise automated systems might create or enable further opportunities to disrupt or damage critical infrastructure or national security networks."
When it comes to connected devices, there's plenty of evidence they are less secure than most users would hope.
Back in 2013, for example, the Federal Trade Commission cracked down on a company that sold web-connected cameras. The privacy watchdog alleged that faulty software packaged with the devices, which were marketed as secure, left private video feeds exposed online, eventually allowing hackers to share links to live streams from 700 customers' homes online.
More alarming is the potential for people to be able exploit devices to cause lethal results, from medical equipment to cars. Last year, the Food and Drug Administration warned hospitals not to use one kind of drug pump after researchers uncovered a flaw that "could allow an unauthorized user to control the device and change the dosage the pump delivers, which could lead to over- or under-infusion of critical patient therapies."