All this specialization and market interaction is trouble enough today but what might be around the corner? One worry is the automation of development for new malware variants. Using machine learning techniques on par with those employed by defenders to identify and take apart malware, attackers could churn out thousands of functionally distinct samples a day. No longer the small changes designed to fool intrusion detection and prevention systems, these variants could each vary in purpose and design, overwhelming defenders. Groups might offer these automated assembly lines up for rental or sale to the highest bidder with competition driving innovation in new features and capabilities.Currently, few malware kits and tools target embedded systems like DVRs or automobiles, but that is going to change. As disruptions like the Mirai botnet show, the Internet of Things is a large and growing underbelly to the digital landscape that’s proving incredibly vulnerable. As participants in the malware markets find ways to monetize this vulnerability, the stakes will go up. Imagine ransomware that locks you out of your car, your house, or a critical medical device like a dialysis machine. Now consider what it looks like when the tools used to build that ransomware are leaked and available all over the internet.