Cyber Pandemic
Cyber Pandemic
Cyber Pandemic
b) IoT Devices
c) Networks
d) Servers
c) Intelligent Cyber-Physical
7) Conclusion.............................................................................................10
“CYBER-PANDEMIC “: Summary
This White Paper tackles the growing global problem of massive cyber attacks including
Ransomware, DDoS & Personal ID Theft & Cyber Scams. We briefly explore the current
reality before moving forward with some personal speculative thoughts of how such threats
& attacks could evolve into a true global cyber-pandemic! Despite the philosophical nature
of some of these ideas, we believe that actions should be taken during the coming 10 years
to ensure that Humans remain fully in control of Autonomous Agents & Weapons! In the
absence of such Cyber Controls we could be facing an existential Cyber-Pandemic that may
propagate within just seconds to maliciously infect & control ALL Cyber & Physical Assets
2) “3 Phases – a) Classic (0-5 Years) b) Transitional (5-10 Years) c) Intelligent” (10 Years+)”:
We now consider the 3 Evolutionary Phases that may take us from the Classic Cyber-
Pandemic of 2021 to a Future Intelligent Cyber-Pandemic in 2031+. In our current reality we
are still in the Classic Phase of Cyber Malware & Cyber Attacks, whilst during the coming 3
to 5 years we will see a rapid evolution through a Transitional Phase of Quasi-Intelligent
Malware & Defence Solutions. The major global existential cyber threat will emerge in the
3rd Intelligent Phase with the development & implementation of autonomous AI-Bots &
Intelligent Drone Swarms. These may initiate disruptive actions against Critical National
Infrastructure with minimal human control & become a Global Threat in just Seconds!
3) “From Carbon Life to Silicon Life – Co-Existence or Cyber-War?”: In this final section we
speculate on the possible emergence of intelligent “Silicon Life”. Such Autonomous Self-
Organising “AI Life” might seek to launch its own cyber attacks on Human – “Carbon DNA
Life” either by accident or maybe through deliberate acts of Cyber Warfare. Our only
defence will be through the active design of Cyber-Secure Architectures & active Real-Time
Intelligent Modelling & Surveillance of ALL Cyber Devices, Assets, Processes & Net Traffic.
Remember that Cyber infects @”Mach 1 Million” so prior Cyber Immunisation becomes
.mandatory to avoid existential threats & destruction of global cyber & physical assets!
--------------------------------------------------------------------------------------------------------------------------
Dedicated to the Memory of my Doctoral Supervisor Professor Peter Whittle (1927 – 2021)
who inspired my life-long interest in Artificial Intelligence, Evolution & Self-Organisation.
--------------------------------------------------------------------------------------------------------------------------
3 © Copyright – Dr David E Probert : VAZA CyberSecurity – www.vaza.com – 2021 ©
November 1, 2021 --------- “CYBER PANDEMIC”- CURRENT REALITY AND FUTURE TRENDS ---------
We consider a “Cyber Pandemic” to be a far more devastating attack upon large sections of national
critical infrastructure that actively destroys Computerised Services & Controls for Energy, Banking,
Transportation, Healthcare, Education and Banking. The first attacks that might be considered in this
category are the DDoS Cyber Attacks on Estonia in June 2007 which put the Banking & Financial
Services out of action for several days with serious economic consequences. There were also
significant Cyber Attacks in August 2008 during the Regional War in Georgia & South Ossetia.
Most recently in October 2021 we saw the “accidental” Cyber-Event in which Facebook , Instagram
and associated services experienced a global outage of several hours due to incorrectly programmed
reconfiguration of Facebook’s DNS/BGP Network Routing Tables.
In reality none of these events was catastrophic compared with the impact of the Global
Covid Crisis which has bought national economies, international travel & business to a halt!
So in the following sections we explore how “Cyber” Developments may have an even
greater negative global impact unless the Cyber Technologies & Intelligent Learning
Algorithms are properly regulated & implemented for humankind.
During the last 2 years we have become accustomed to the growth and global impact of a
Bio-Pandemic. If we assume a “Chain Reaction” with a “doubling” of cases each day (24
hours) , then after 30 days with an exponential growth of 2n then we reach an estimated
1Billion Cases (210x210x210 ) . However in the case of a Cyber-Pandemic we can expect
“online infections” to double at least every 1/10th sec, so with exponential growth again of
2n it would take just 3 secs to target & attack 1Billion IoT Networked Devices. The speed
ratio is here roughly 106 which is akin to the ratio of the “Speed of Light”/”Speed of Sound”.
Another key difference between Bio and Cyber Pandemics is that Bio-Pandemics may be
controlled and isolated through geographical controls (“Space”), whilst Cyber-Pandemics
require temporal controls (“Time”). Data Packets, Executable Code & Server Processes all
need to be monitored & inspected in “Real-Time” in order to identify rogue commands &
malware. In this sense, Bio and Cyber Pandemics are “Orthogonal Cousins” just as we
classically consider “Space” as being at 900 or orthogonal to “Time”. So whilst both Bio and
Cyber Pandemics share some similar features, there are also dramatically differences,
particularly with regard to their local & global controls. Finally, we shall see later in this
short paper that Cyber-Pandemics are potentially the more dangerous and may even pose
an existential threat to humanity in the “not too distant” future”!
As already mentioned, during recent years we are already seeing early signs of the massive
disruption that may be caused by networked malware upon Business, Government, and
Critical National Infrastructure. The major actors in this destructive activity are i) Cyber-
Criminals (Ransomware, ID Theft & Cyber Scams), ii) Political Activists (Fake News & Viral
Mis-Information on Social Media), iii) Nation States (Cyber Weapons as basis for Hybrid
Warfare including Autonomous Intelligent Weapons such as Drone Swarms).
a) Phase I – Classic – Next 5 Years (2022 – 2027) – During the Short Term we will see
increasing attacks from ALL the major actors using classic semi-intelligent tools & malware.
These Classic Threats include Denial of Service (DDoS), Ransomware, ID Theft, Stealthware &
Sleepers, Custom “Bots” such as the Original Stuxnet, Phishing & Advanced Persistent
Threats (APT). These “Classic” attacks are usually driven by criminal gangs or government
sponsored units in “Rogue States”! Increasingly will see attacks that become “self-
sustaining” through the application of intelligent” mutating “Bots” that are able to avoid
detection by traditional anti-virus applications such as McAfee, Symantec & MalwareBytes.
Such “Classic” Attacks may approach the scale of a Cyber-Pandemic (as in recent
Ransomware – WannaCry & Mirai BotNet style attacks – as well as Facebook DNS/BGP
“Accident”) . The mitigation of these attacks already require “real-time” monitoring,
interception and triage of suspicious data packets & “EXE” code using basic AI/ML/Deep
Learning Modelling Algorithms. Unfortunately many Businesses & Government Agencies are
still reliant upon traditional Pre-AI Cybersecurity Tools and deploy applications on legacy
platforms such as MS XP/Vista. In addition we observe that many Industries are running on
legacy ICS/SCADA Platforms that are insecure against criminal & political cyber attacks.
credit card & personal data over almost 100 days without detection. So Ai-Bots could
potentially remain stealthily undetectable “in the wild” for months or even years through
continuous code mutation & structural adaptations.
c) Phase III – Intelligence – 10 Years & Beyond! (2032+...) – In the Longer Term it is almost a
100% certainty that ALL malware & defensive tools will be based upon Artificial Intelligence
and Machine Learning Algorithms. This presents us with the immediate danger that the AI-
Bots that are designed by Human Software Engineers will communicate & act autonomously
in malicious ways that were not conceived by the Engineers. This is a recurring theme in Sci-
Fi Movies starting with HAL2000 in Kubrick’s brilliant 2001 – A Space Odyssey (1968).
The mitigation of such Autonomous AI-Bot Threats & Attacks will require sophisticated
Cybersecurity Tools to be engineered that provide 24/7 Real-Time Network, Applications
and Server Surveillance. Tools such as the pioneering Darktrace are moving in this direction.
We will discuss later the deep problems of mitigating against such AI-Bot attacks and the
reasons why a Cyber-Pandemic could eventually become an existential threat to humanity!
We have already discussed the relative growth of Bio and Cyber Pandemics. During the
current COVID-19 it has been a massive challenge to prevent the spread of infection even at
“The Speed of Sound” with a typical daily doubling of infections. In addition, the Vaccination
Process has taken practically 12 months (in UK) with many developing nations in Africa &
Asia still with less than 10& vaccinated. So imagine the extraordinary challenge of slowly the
growth of IoT infections from a Cyber Pandemic travelling at close to the “Speed of Light”!
Clearly the approach taken for the Spatial Growth of Bio-Pandemic is fully unsuited for
Cyber Pandemics which could potentially spread to EVERY IoT device in less than 1minute!
So here are some suggestions for how to provide “pre-vaccination” & real-time defence
against the sub-minute spread of a future Cyber Pandemics!
b) IoT Devices – During the last 5 years I have talked extensively on the weak cybersecurity
of legacy IoT & Industrial ICS/SCADA devices. So again an effective cyber defence needs to
be designed and embedded within each and EVERY IoT/ICS device during the next 10 years.
The Global Mirai BotNet DDoS Attack from several years ago demonstrates the extreme
vulnerability of legacy Business & industrial Devices such as CCTV & Monitoring Systems.
c) Networks – Data Packets already flow at Mega-GigaBit Speeds globally within Seconds.
Business started to market effective defence against real-time DDoS attack more than 10
years ago. Such solutions can inspect the “Data Packet Headers” in real-time so that alerts
may be issued and suspicious packets sent to triage & quarantine. During the next 10 years
we will see more advanced solutions that model the In/Out data streams & provide in-depth
packet inspection all in real-time so that the network traffic is not “slowed down”!
It seems likely that networks will have built-in intelligent monitoring at defined points rather
like “customs inspections” between geographical regions and countries. For the last 25
years business has relied on “Firewalls” to prevent cyber threats, but despite remaining an
important design feature, they do not prevent Ransomware, DDoS attacks & most other
advanced Criminal/Rogue State Intelligent Malware.
d) Servers – We already mentioned that the Operating systems need to be redesigned with
embedded defence against Intelligent CyberAttacks. Working Groups from International
Standards Organisations such as the IEEE, ISO/IEC, NIST and UN/ITU are already working on
new standards for AI/ML Applications. So we can expect some global standardisation within
for the new generation of intelligent servers during the coming 5 to 10 years.
e) Real-Time Surveillance & Modelling – Even with all these embedded intelligent defences,
there will be a requirement for Real-Time “Speed of Light” monitoring and adaptive
modelling of ALL cyber assets within the ICT/IoT system. Companies such as the pioneering
Darktrace have already launched effective solutions for Business & Government Networks.
The challenge comes to prevent Cyber Threats can could travel globally across ALL regional
& national networks in maybe less than 10 seconds at a speed which bypasses outpaces
even Darktrace! So there will be an emerging market for Intelligent Adaptive AI/ML Tools
that are specifically designed to monitoring and prevent such “instant” attacks on Business
& Critical National ICT Infrastructure – Energy, Banking, Transport, Healthcare, Education,
Military and Government. It seems likely that each sector will require dedicated software
design engineers to reconfigure legacy systems & networks to be cybersecure against such
Global Cyber Pandemic attacks. Indeed, I believe that most Governments will establish
dedicated units (akin to those for Bio-Pandemics) to Design & Deploy effective response!
These following sections are more personal and speculative but there is already widespread
support amongst some leading scientists & engineers regarding the potential existential
threats posed by Global Cyber-Pandemics executed by Autonomous Networks of AI-Bots!
We have been fortunate with the current Bio Pandemic that everything seems to evolve in
“slow motion” at a spread that may be monitored and managed by human specialists.
a) Autonomous “AI-Bot” Attacks – In the longer term it seems likely that AI-Bots &
Intelligent Adaptive Applications will possess “Intelligence, Networked Memory & Cyber-
Physical Integration that may exceed that of humans. The timescale is debateable with
some experts such as Kurzweil predicting that this will occur within his lifetime. I am more
sceptical and predict it will take another 50 to 100 years so maybe at the turn of 21stC/22ndC
But whatever the timescale we are in the same “Existential Game” as Climate Change!
Decisions we make in the next 5 to 10 years will determine whether we survive these global
Existential Threats.
As we engineer and embed Intelligent AI-Bot Systems within ALL Applications and ALL
Sectors we are running the risk that “our” AI-Agents may communicate and potentially
decide that human are redundant! Alternatively Criminal Groups & Rogue States may decide
to secure control over networks of AI-Bots and launch a deliberate CyberWare that could
devastate Region & Nations. Please remember that Cyber Pandemics spread at Light Speed
which is also the case of Nuclear Fission & Fusion Weapons. Whereas a Nuclear Weapon has
a devastating Regional Impact, the Exponential “Chain Reaction” of a Cyber Pandemic could
potentially devastate ALL Critical National Cyber & Physical Infrastructure on a Global Scale!
b) Firing Squad Synchronisation Problem (FSSP) – Scientific & Mathematical Research into
Self-Organising Cellular Automata goes back almost 70 years to the 1950s! In 1957 John
Myhill proposed the Firing Squad Synchronisation Problem (FSSP) which is described in
https://en.wikipedia.org/wiki/Firing_squad_synchronization_problem . Essentially the idea
is that “n” solders are lined up and asked to fire together with the constraint that they can
only communicate with their left & right neighbours. The question is to design protocols
which minimise the time that it takes to fire. The best solutions take 2(n-1) time units.
Hence if there are n=10 soldiers & each communication takes 1 second, then the soldiers
will fire in 18seconds!
So I imagined in the place of soldiers that we have a line of Networked AI-Bots. Each AI-Bot
has control of a specific Critical Sector such as Energy, Banking, Military & Government –
maybe up to 10 sectors & with communications taking 1/10 second. Then will really simple
protocols, the empowered AI-Bots may communicate “left and right” and decide to
synchronise & switch off or even destroy those critical sector assets within just 1.8secs! This
6) Emergence of “Artificial Silicon Life” – Now we move to the realms of Science Fiction!
Already last week, Facebook announced the creation of a large team to develop a
“MetaVerse” which is a form of Cyber-Universe that is entered by users through a
combination of Virtual and Augmented Reality. In this section we explore this evolution
from Human Life to Cyber Life which I prefer to refer to as “Carbon Life” and “Silicon Life”!
a) From “Carbon Life” to “Silicon Life” – Civilization has evolved since the Dawn of Time
through the mechanism of DNA/RNA life which is based upon Organic Carbon Molecules.
During the last 50 to 100 years “Carbon Life” has developed Quasi-Intelligent Machines
(Computers). A key sci-fi question is whether such computers may eventually become
sufficiently intelligent to exceed human intelligence & even to become conscious (“Silicon
Life”) Today we can only speculate on the answers to such philosophical questions.
However, as we develop more and MORE intelligent machines it becomes important to have
a scientific human perspective on the potential for “Silicon Life”! The discussion in this paper
focuses primarily on the practical threats & defence for a potential self-sustaining Cyber
Pandemic during the Short & Medium Terms (5 to 10 years). But as companies such as
Facebook design & deploy their commercial Metaverse or “Cyber- Universe” we enter the
sci-fi realms of the “Matrix”! Already we have a new generation that have become
practically enslaved by their Smart Phones & VR Computer Games. So we might imagine the
negative psychological implications of becoming immersed for hours each day in an artificial
virtual world. The greater problem is that the upcoming human generations will become
increasingly dependent and “slaved” by the Super-Intelligent Virtual/Meta Universe, and
hence become unknowingly vulnerable to Intelligent Control from the AI-Bots. In such a
scenario it may become relatively easy for Networked AI-Bots within a Cyber or Meta
Universe to unleash a Cyber Pandemic targeting the full spectrum of Critical Infrastructure.
Even today Business & Government panic under Power Blackouts and Cyber Attacks so it is
not difficult to imagine the doomsday scenario of humankind under CyberSiege by AI-Bots?!
b) Co-Existence or Cyber War? – We have briefly defined “Carbon and Silicon Life”. Such
are the differences between the two that we will require a challenging roadmap to ensure
co-existence rather than CyberWar. “Carbon Life” communicates & travels at factors of the
“Speed of Sound” whilst “Silicon Life” functions at factors of the “Speed of Light” which is
roughly 106 “Sound Speed”! Co-existence means that we should design and engineer future
Intelligent Systems to certain rules akin to Isaac Azimov’s Three Rules for Robotics. The
current focus on Supervised AI using Neural Networks for Deep Learning poses minimal
dangers. However, once we evolve to more advanced Unsupervised Stochastic Learning &
Adaptive AI Systems then there will be more issues of retaining control. The Darktrace
Toolkit includes Unsupervised learning using Recursive Bayesian Estimation which can
model network & server assets in real-time in the detection of rogue processes or malware.
Beaming forward another 10 years, with highly parallel processors & even quantum
computers will bring a new generation of intelligent AI-Bots to “life”! I personally believe
that it is inevitable that we will eventually create “Silicon Life” unless we become
overwhelmed by the shorter term existential threat of Climate Change! We shall see!
c) Malicious Artificial Intelligence in Sci-Fi Movies! – So many Sci-Fi movies during the last
50+ years have focused upon the future dominant control of Intelligent Computers &
Robotics over Humankind! Movies such as 2001-Space Odyssey, BladeRunner, Lawnmower
Man, The Matrix Trilogy, Transcendence and so on! All too often we see Hollywood Movie
Narratives become reality such as the 1976 Movie – “The Cassandra Crossing” which has the
theme of a Deadly Bio Disease escaping from a Bio-Research Laboratory Accident So we
should take heed from the Sci-Fi Portfolio since there may be some truth in these scripts!
In practically ALL these movies the Human Actors eventually outsmart the Artificial
Intelligence but in our own evolving Universe it is by no means sure that a Cyber Pandemic
will play out with a “WIN” for Humans! So we must take all precautions with CyberSecurity
& AI-Bot Develop during the Short & Medium Term to ensure our Long Term Existence!
7) Conclusion – This brief paper has taken us on a speculative journey from our current
“Real” World of Classical Cybersecurity to future Cyber worlds in which a Cyber Pandemic
could pose Existential Threats to Humankind. We are all now living through the later stages
of a Bio-Pandemic which has shaken national economies, business & governments across
the globe. I hope to have shown that such a “Bio-Pandemic” (Space) is really insignificant
compared with the devastation that could be wrecked by a true Cyber Pandemic (Time)
This is due primarily to the Speed of Infection such that “Pre-ICT-Vaccination” & Real-Time
AI Monitoring, Modelling, Triage & Quarantine are the only practical means of Defence!
10 © Copyright – Dr David E Probert : VAZA CyberSecurity – www.vaza.com – 2021 ©