How Will Terrorists Use The Internet of Things?

Uploaded on 2016-09-21 in TECHNOLOGY--Developments, NEWS-Cybersecurity News, FREE TO VIEW, TECHNOLOGY--Hackers, TECHNOLOGY-Key Areas-Internet of Things

By 2020, there will be anywhere from 20 billion to 50 billion Internet-connected devices, including about one in five cars and or trucks, according to industry forecasts.

That’s big business for outfits that sell data or streaming services. For the US Justice Department, it’s 50 billion potential problems.

“In our division, we’ve just started a group looking at nothing but the Internet of Things.” John P. Carlin, the US Assistant Attorney General for National Security, told the Intelligence and National Security Alliance recently at the group’s annual Summit.

Carlin framed the issue as directly related to next-generation terrorism. “Look at the terrorist attack in Nice,” he said. “If our trucks are running in an automated fashion, great efficiencies, great safety, on the one hand, but if we don’t think about how terrorists could exploit that on the front end, and not after they take a truck and run it through a crowd of civilians, we’ll regret it.”

“We made that mistake once when we moved all of our data, when we digitally connected it, and didn’t focus on how … terrorists and spies could exploit it,” he said, referring broadly to the growing abilities of state and non-state actors to steal data and put it to nefarious use. “We’re playing catch-up,” he said. “We can’t do that again when it comes to the Internet of Things, actual missiles, trucks and cars.”

But there are already thousands of vulnerable vehicles on today’s roads. Computer researchers Chris Valazek and Charlie Miller have been demonstrating how to hack various car models for years, including a famous 2013 Today Show segment, and a 2015 demonstration in which they took control of a Jeep travelling along a highway at 70 mph with a WIRED journalist inside. That journalist calculated that as many as 471,000 existing vehicles have some exploitable computer vulnerability.

Of course, Justice isn’t the only government agency sweating over the Internet of Things. In 2012, the Defense Advanced Research Projects Agency, or DARPA, launched a program called the High Assurance Cyber Military Systems, or HACMS, to fix vulnerabilities that could pervade future Internet of Things devices. 

Two years later, Dawn Meyerriecks, the deputy director of the Central Intelligence Agency’s directorate of science and technology, noted that “smart refrigerators have been used in distributed denial of service attacks,” and cited smart fluorescent LEDs that “are communicating that they need to be replaced but are also being hijacked for other things.”

DefenseOne

 

« Tesla Announces Update To Self-Driving System
Social Media Sites - Cyber Weapons of Choice »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

GigaOm

GigaOm

GigaOm's mission is to provide enterprises with information and analysis to help them make better decisions about technology.

QMS International

QMS International

QMS is one of the leading ISO certification bodies in the UK and serves clients worldwide.

Galois

Galois

Galois specializes in the research and development of new technologies that solve the most difficult problems in computer science.

New Zealand Internet Task Force (NZITF)

New Zealand Internet Task Force (NZITF)

The New Zealand Internet Task Force (NZITF) is a non-profit with the mission of improving the cyber security posture of New Zealand.

Mitre ATT&CK

Mitre ATT&CK

MITRE ATT&CK™ is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations.

WebOrion

WebOrion

WebOrion is an All-in-One Web Security & Performance Suite. Fortify, accelerate and monitor your website today.

SecureStack

SecureStack

SecureStack helps software developers find security & scalability gaps in their web applications and offers ways to fix those gaps without forcing those developers to become security experts.

Sygnia

Sygnia

Sygnia is a cyber technology and services company, providing high-end consulting and incident response support for organizations worldwide.

Sparrow

Sparrow

Sparrow specializes in application security testing solutions to cope with new technology trends such as cloud, mobile, and DevSecOps.

RedHunt Labs

RedHunt Labs

RedHunt Labs is a premier Cybersecurity Solutions provider, offering Attack Surface Management solution 'NVADR' and Penetration Testing services.

AMSYS Innovative Solutions

AMSYS Innovative Solutions

AMSYS is a full-service, 24/7/365 IT solutions, Cybersecurity & Managed Service Provider.

GoPro Consultants

GoPro Consultants

GoPro Consultants is an IT Consultancy and IT Managed services provider Globally with immeasurable expertise of IT professionals in Hardware/Support & Consultancy and Project Planning.

Klaatu IT Security (KITS)

Klaatu IT Security (KITS)

Klaatu IT Security is a boutique provider of cyber security services, empowering our clients to prioritise and reduce their cyber risk.

Papua New Guinea National Cyber Security Centre (PNG NCSC)

Papua New Guinea National Cyber Security Centre (PNG NCSC)

PNG NCSC is a jointly funded initiative enabling PNG to benefit with the most advanced cyber protection of its critical information and communications technology infrastructure.

Neosoft

Neosoft

Néosoft is an independent digital transformation consulting group with expertise in Consulting & Agility, Cybersecurity, Data, DevOps, Infrastructure & Cloud and Software Engineering.

Hive

Hive

Hive is a leading provider of cloud-based AI solutions to understand, search, and generate content, and is trusted by hundreds of the world's largest and most innovative organizations.