How Will Terrorists Use The Internet of Things?

By 2020, there will be anywhere from 20 billion to 50 billion Internet-connected devices, including about one in five cars and or trucks, according to industry forecasts.

That’s big business for outfits that sell data or streaming services. For the US Justice Department, it’s 50 billion potential problems.

“In our division, we’ve just started a group looking at nothing but the Internet of Things.” John P. Carlin, the US Assistant Attorney General for National Security, told the Intelligence and National Security Alliance recently at the group’s annual Summit.

Carlin framed the issue as directly related to next-generation terrorism. “Look at the terrorist attack in Nice,” he said. “If our trucks are running in an automated fashion, great efficiencies, great safety, on the one hand, but if we don’t think about how terrorists could exploit that on the front end, and not after they take a truck and run it through a crowd of civilians, we’ll regret it.”

“We made that mistake once when we moved all of our data, when we digitally connected it, and didn’t focus on how … terrorists and spies could exploit it,” he said, referring broadly to the growing abilities of state and non-state actors to steal data and put it to nefarious use. “We’re playing catch-up,” he said. “We can’t do that again when it comes to the Internet of Things, actual missiles, trucks and cars.”

But there are already thousands of vulnerable vehicles on today’s roads. Computer researchers Chris Valazek and Charlie Miller have been demonstrating how to hack various car models for years, including a famous 2013 Today Show segment, and a 2015 demonstration in which they took control of a Jeep travelling along a highway at 70 mph with a WIRED journalist inside. That journalist calculated that as many as 471,000 existing vehicles have some exploitable computer vulnerability.

Of course, Justice isn’t the only government agency sweating over the Internet of Things. In 2012, the Defense Advanced Research Projects Agency, or DARPA, launched a program called the High Assurance Cyber Military Systems, or HACMS, to fix vulnerabilities that could pervade future Internet of Things devices. 

Two years later, Dawn Meyerriecks, the deputy director of the Central Intelligence Agency’s directorate of science and technology, noted that “smart refrigerators have been used in distributed denial of service attacks,” and cited smart fluorescent LEDs that “are communicating that they need to be replaced but are also being hijacked for other things.”

DefenseOne

 

« Tesla Announces Update To Self-Driving System
Social Media Sites - Cyber Weapons of Choice »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

STMicroelectronics

STMicroelectronics

ST is a global semiconductor leader delivering intelligent and energy-efficient products and solutions that power the electronics at the heart of everyday life.

RedLock

RedLock

The RedLock Cloud 360TM platform correlates disparate security data sets to provide a unified view of risks across fragmented cloud environments.

Seconize

Seconize

Seconize empowers enterprises to proactively manage their cyber risks, prioritize remediations, optimize security spending and ensure compliance.

Polyrize

Polyrize

The Polyrize continuous authorization platform for SaaS and IaaS stops tomorrow's public cloud cyber threats, today.

ABS Group

ABS Group

ABS Group provides risk and reliability solutions and technical services that help clients confirm the safety, integrity and security of critical assets and operations.

MetaCert

MetaCert

MetaCert’s Zero Trust browser software reduces the risk of organizations being compromised with a phishing-led cyberattack by more than 98%.

Nucleon Security

Nucleon Security

Nucleon Endpoint Detection and Response EDR is the most effective way to protect the value created by your organization against any threat.

Contechnet Deutschland

Contechnet Deutschland

Contechnet Deutschland started as a specialist in the area of IT disaster recovery and has since broadened its portfolio into information security and data protection.

Psybersafe

Psybersafe

Psybersafe is a hands-on, behaviour-changing training system that keeps your people and your business cyber safe.

Entro Security

Entro Security

Entro is the first holistic secrets security platform that detects, safeguards, and enriches with context your secrets across code, vaults, chats, and platforms.

Amyna Systems

Amyna Systems

Amyna has developed an IoT cybersecurity platform that prevents malignant attacks, helping users to protect themselves from cyberattacks.

ARGOS Cloud Security

ARGOS Cloud Security

ARGOS aims to simplify and strengthen cloud security, by creating a visual map of security vulnerabilities, to your priceless information stored in any cloud provider environment.

Afripol

Afripol

AFRIPOL was set up to strengthen cooperation between the police agencies of AU member states in the prevention and fight against organized transnational crime, terrorism, and cybercrime.

DACTA Global

DACTA Global

DACTA was established with the aim of simplifying the perception of complexity surrounding digital security challenges and solutions.

ThreatView by Turaco Labs

ThreatView by Turaco Labs

ThreatView combines extensive experience in digital forensics with advanced analytics and threat detection capabilities to protect eCommerce websites.

Lupasafe

Lupasafe

Lupasafe is a software for businesses to see IT risks and insights, and provide vital training for employees.