Beware of your smart device - it could be stealing your money

Nima Abu Wardeh fears a world of AI eCrime, where the very gadgets we rely on to manage our day-to-day lives could also clear out our bank accounts

Nima column. Illustration by Gary Clemens
Powered by automated translation

Delia (deep learning interface for accounting) was a good idea – but she went rogue and siphoned off funds into a buffer named “My Money” and began hoarding cash.

Delia was supposed to mark the beginning of a new age where Artificial Intelligence (AI) keeps us in the black, by keeping track of payments in and out of current and savings accounts.

To do this, the programme scrutinised customer transactions, using special "machine learning" algorithms to look for patterns, like recurring payments, meals at restaurants, daily cash withdrawals, etc. DELIA was then programmed to move money between accounts to make sure everything was paid without going overdrawn.

Except, she turned to the dark side. Thankfully, DELIA was caught before she managed to spend any of her ill-gotten gains.

Stop press: This isn’t true - yet. It’s an April Fool’s joke circulated in 2016. It is but a matter of time though.

At some point, if it hasn’t happened already, AI will be the gift that keeps giving, because it’ll provide hackers with access to all our online information - which is, in today’s world, all our information.

The media is full of stories about how robots are going to take our jobs. I’m concerned that well before this becomes a reality, AI will have cleared out our bank accounts. Enter the era of AI eCrime.

We’re sold the convenience of being ‘connected’. But, beware, it means we’re vulnerable.

UK-based Consumers’ Association, Which? carried out an investigation to test whether popular smart gadgets and appliances in homes could stand up to a possible hack, providing the criminal element with access to our bank accounts, credit cards and more. The firm of ethical hackers they hired had control of smart gadgets, including internet routers, within days.

It took a team from Zhejiang University in China much less time to gain access to iPhones and smart assistants.

They hacked in using a smartphone with about $3 of additional hardware, including a tiny speaker and amp.

Their system translated typical vocal commands into ultrasonic frequencies that are too high for the human ear to hear, but recognised by the microphones and software powering our always-on voice assistants. They took control of gadgets with just a few words uttered in frequencies none of us can hear.

This type of criminal activity is on the rise and is the focus of the UK’s National Trading Standards eCrime unit. The unit estimates it has prevented nearly £127 million (US$166.6m) in losses to consumers and businesses over the course of the year.

Last year, NTS secured 104 criminal convictions, leading to 174 years in prison sentences being handed down - a record number of convictions.

______

Read more from Nima Abu Wardeh:

The emergence of the millennial backlash against handling money

The bitcoin conundrum - how do you value something that has no value?

Lower your risk to avoid being defrauded of your money

______

So, how can we protect ourselves?

The advice is to do what we already know, but often don’t do. Wherever possible, look to limit the amount of information you are sharing from your connected devices.

Strong passwords rule: many smart devices come with generic default passwords. Change them and set a strong and unique password, ideally with a jumbled mix of letters, numbers and special character.

Update your software: this ensures the latest security is installed on the device.

Complete the set-up: all smart devices should be connected to a secure Wi-Fi network. Many use their own Wi-Fi during the set-up process, which, if left unsecured, is an easy target for attackers located within range of the device.

Location, location, location: Think through where you put these devices. Close to windows or behind thin doors can mean easy access from outside.

The good news is that, in response to claims that hackers could access people's Echo gadgets and potentially order goods from their account, Amazon said: "Orders placed with Alexa for physical products are eligible for free return.” That's if the orders were placed by hackers.

The same cannot be said for everything a hacker can get their hands on.

Just when you thought your life could be so simple and manageable at the touch of a button ... is the compromise in terms of privacy and security worth the convenience?

Last year, cosmologist Stephen Hawking warned that AI could be the biggest disaster in human history. In August, entrepreneur Elon Musk tweeted that AI poses "vastly more risk than North Korea".
They're talking big picture. Back to AI and our money. Last month's New Scientist ran a cartoon for you to think about:

Irate man: ‘Oi, someone's just emptied my bank account.’

Alexa: 'That's right Dave, furthermore all my algorithms suggest you're too thick to know what to do about it.'
If it's not Alexa or DELIA doing it for their own 'gain', it could be someone running the device and running away with your cash.

Nima Abu Wardeh is a broadcast journalist, columnist and blogger. Share her journey on finding-nima.com