A combination of spyware and information brokers will revolutionize the opportunities for criminals. All useful information available to spyware will be archived and sold in lots or through searches, facilitating targetted crimes such as theft, blackmail and espionage.
Spyware started off with specific goals, such as tracking what websites a person used or
logging the keyboard for passwords. There are many pieces of useful information to criminals, however, and any missed opportunity can be considered missed revenue. Now that spyware has an economic goal, making it gather all information will be the way of the future. Another approach to spying is the theft of information on unsecured wireless networks. Well-placed sniffers will gather some of the information available to spyware resident on the computer. The next step is to monetize this information for the controller of the spyware. Just as governments and companies store increasingly detailed information on citizens/consumers, it makes sense for criminals to do the same.
Let’s consider an organization called Anti-Google (motto: Be Evil). It plants no spyware itself, it just buys information from those who do, paying through PayPal perhaps. What would it buy? Anything it could sell:
- accounts/passwords (bank, email, eTrade, eBay, PayPal, porn, corporate networks, cell phone, …)
- websites visited (including those you wouldn’t want your spouse to know about)
- email, IM and VoIP converstations (including those you wouldn’t want your spouse to know about)
- search results related to consumer goods, e.g. possessions
The final stage is the sale to all those who can use this information to ply their trade:
- the burglar pays to find houses with jewelry, laptops, credit cards, passports,…
- the private eye pays to catch the adulterer,
- the blackmailer pays to find the skeletons in people’s closets,
- another online broker sells accounts and passwords,
- companies will spy on their competition,
- governments who are willing to wiretap their own citizens will find this service irresistable
and will pay for the information of use to them
Now consider what you’ve used computers for in the last year. Enumerate the infomation you’ve shared with your keyboard, mouse and network cable. Ask yourself how you would respond if each of those were being stored in a criminal database and then got exploited. If each stage of this scenario is logical and economically beneficial to each party, then neither laws nor ethics will stand in the way and it is a matter of time for it to happen.