Frank Abagnale is afraid for the future.
"Up to this point, cyber crime has been cyber crime," says Abagnale. "Mostly, cybercriminals are motivated to commit crime for financial gain. But in five years, cybercrime is going to get much darker as criminals shift from being financially motivated to attacking infrastructure in the physical world."
Abagnale should know. He's a former master criminal. Over a six-year period in the 1960s, from age 16 through 21, the master forger and fraudster cashed over $2.5 million in bad checks in 26 countries and flew 1 million miles around the world for free. For the past 40 years, after completing a six year sentence, he has been helping the FBI catch bad guys. Abagnale has also helped design anti-fraud technology that you use everyday; checks, your birth certificate, and your doctor's prescription pad.
And while financial fraud is rampant, Abagnale really worries about this emerging strain of cybercrime that will be far more personal. He says right now hackers can shut off someone's pacemaker if they are standing close by. But in the future he says hackers will be able stop a person's pacemaker from thousands of miles away. All connected devices will be controlled from afar--a hacker can deploy airbags while you're driving or lock you in your car with the car running when you park in the garage. Hackers and criminals will also bring real destruction by messing with the power grid, sewage systems and water supply. A taste of this future was seen this year at an upstate New York dam and a steel mill in Germany. During Obama's first term in office, the U.S. and Israel developed and deployed a weaponized computer virus, called Stuxnet, to attack Iran's nuclear enrichment plant.
For Abagnale, he is most afraid of how terrorists and criminals see the Internet as a tool for destruction.
"They see it as a weapon," says Abagnale. "It's just as powerful as a gun or explosive device. The Internet can be used to hurt many people."
But Abagnale is not confident that we will be able to stop these types of hacks - we can barely control the most simple of hacks that are draining American businesses now. Garden variety cybercrime has touched almost every American. Identify theft, investments schemes and fraud cost Americans $18 billion last year, Abagnale says. He says that the best defense a business owner can rely on is knowing the ways criminals can defraud you.
"You cannot rely on the police, you cannot rely on the government, you cannot rely on the bank to protect you," says Abagnale. "You have to be smarter and a wiser businessperson and consumer. You have to learn to protect yourself through education."
Abagnale encourages individuals to have a credit monitoring service that protects you 24/7 and to never use public WiFi to buy anything or check your bank account or credit cards.
"You need to shred everything that contains personal information," says Abagnale. "You should not write checks, when you write a check you're leaving your name, address, bank name, account number, routing number, signature. You leave all your information for the taking."
He says he doesn't use debit cards because criminals can use it to get access to a bank account. Instead, he only uses credit cards. If a criminal steals a credit card or credit card number, they are not stealing money in your bank account, they are stealing the credit card company's money. Under federal law, individuals do not have liability if their credit card is stolen. "I look at ways to remove the liability away from me," says Abagnale.
No matter what precautions are taken, some criminals cannot be stopped.
"To be honest, I believe every person in this country has had their identity stolen," says Abagnale. "Look at the breaches over the years, we have had 875 million electronic files hacked into. Target, Home Depot, Sony, the government, add all of these up and it far exceeds the population of the U.S."
He says social engineering, the act of targeting one person and using small pieces of personal information to convince them to give away money, download malware, or give access to information, cannot be beat by technology. The person-to-person approach can be perpetrated over the phone, in person or online.
Criminals are good at convincing people to give away money or send information under the guise that it's safe or a normal procedure. Abagnale says it will not get better until companies do everything they can to protect information and educate employees about how to spot social engineering attacks.