How Will Terrorists Use The Internet of Things?

By 2020, there will be anywhere from 20 billion to 50 billion Internet-connected devices, including about one in five cars and or trucks, according to industry forecasts.

That’s big business for outfits that sell data or streaming services. For the US Justice Department, it’s 50 billion potential problems.

“In our division, we’ve just started a group looking at nothing but the Internet of Things.” John P. Carlin, the US Assistant Attorney General for National Security, told the Intelligence and National Security Alliance recently at the group’s annual Summit.

Carlin framed the issue as directly related to next-generation terrorism. “Look at the terrorist attack in Nice,” he said. “If our trucks are running in an automated fashion, great efficiencies, great safety, on the one hand, but if we don’t think about how terrorists could exploit that on the front end, and not after they take a truck and run it through a crowd of civilians, we’ll regret it.”

“We made that mistake once when we moved all of our data, when we digitally connected it, and didn’t focus on how … terrorists and spies could exploit it,” he said, referring broadly to the growing abilities of state and non-state actors to steal data and put it to nefarious use. “We’re playing catch-up,” he said. “We can’t do that again when it comes to the Internet of Things, actual missiles, trucks and cars.”

But there are already thousands of vulnerable vehicles on today’s roads. Computer researchers Chris Valazek and Charlie Miller have been demonstrating how to hack various car models for years, including a famous 2013 Today Show segment, and a 2015 demonstration in which they took control of a Jeep travelling along a highway at 70 mph with a WIRED journalist inside. That journalist calculated that as many as 471,000 existing vehicles have some exploitable computer vulnerability.

Of course, Justice isn’t the only government agency sweating over the Internet of Things. In 2012, the Defense Advanced Research Projects Agency, or DARPA, launched a program called the High Assurance Cyber Military Systems, or HACMS, to fix vulnerabilities that could pervade future Internet of Things devices. 

Two years later, Dawn Meyerriecks, the deputy director of the Central Intelligence Agency’s directorate of science and technology, noted that “smart refrigerators have been used in distributed denial of service attacks,” and cited smart fluorescent LEDs that “are communicating that they need to be replaced but are also being hijacked for other things.”

DefenseOne

 

« Tesla Announces Update To Self-Driving System
Social Media Sites - Cyber Weapons of Choice »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Information Security Research Group - University of South Wales

Information Security Research Group - University of South Wales

The Information Security Research Group has an international reputation in the areas of network security, computer forensics and threat analysis.

Security Onion Solutions

Security Onion Solutions

Security Onion Solutions is the creator and maintainer of Security Onion, a free and open platform for threat hunting, network security monitoring, and log management.

Riverside Research

Riverside Research

Riverside Research is a not-for-profit organization chartered to advance scientific research in areas including Trusted & Resilient Systems.

Fraud.com

Fraud.com

Fraud.com ensures trust at every step of the customer's digital journey; this complete end-to-end protection delivers unified identity, authentication and fraud detection and prevention.

Syskode Technologies

Syskode Technologies

Sykode Technologies is a next-generation global technology company offering an integrated portfolio of advisory services, products and solutions in areas including AI, IoT and Cyber Security.

GK8

GK8

GK8 is a cyber security company that offers a high security custodian technology for managing and safeguarding digital assets. Secure, Compliant and Practical.

GroupSense

GroupSense

GroupSense helps governments and enterprises take control of digital risk with cyber reconnaissance, counterintelligence and monitoring for breached credentials.

SterlingRisk Programs

SterlingRisk Programs

SterlingRisk’s Cyber practice brings experience working with a wide array of clients across a broad spectrum of industries.

Enso Security

Enso Security

Enso is the first Application Security Posture Management (ASPM) solution, helping security teams everywhere eliminate their AppSec chaos with application discovery, classification and management.

Securd

Securd

Securd takes opportunities away from your cyber adversaries. Cloud-delivered zero-trust DNS firewall and web filtering protection keep your business network and remote employees safe.

Talon Cyber Security

Talon Cyber Security

Talon delivers the leading enterprise browser designed to bring security to managed and unmanaged devices, regardless of location, device type or operating system.

Sparrow

Sparrow

Sparrow specializes in application security testing solutions to cope with new technology trends such as cloud, mobile, and DevSecOps.

Navisite

Navisite

Navisite is a combination of eight respected IT consulting and managed service providers that were brought together under the Navisite brand.

National Cybersecurity Agency (ACN) - Italy

National Cybersecurity Agency (ACN) - Italy

The ACN is the National Authority for Cybersecurity in Italy. the Agency promotes public-private initiatives to strengthen the national cybersecurity and resilience posture.

NVISO Security

NVISO Security

NVISO is a pure-play cyber security consulting firm, focused mainly on the Financial Sector, the Technology Sector, and Government & Critical Infrastructure.

StackGen

StackGen

StackGen (formerly appCD) automatically generates Infrastructure from Code (IfC) based on application code with golden standards applied.