Internet of Things Brings Threats To Security

The United States may have escaped most digital damage from the WaanaCry global “ransomware” virus, though cyber experts fear more attacks.

One possible explanation is that the malicious software (“malware”) harms older versions of Microsoft’s Windows operating system, which most Americans have replaced. Perhaps many users in other countries haven’t.

Whatever the explanation, this is not the end of Internet threats.

The unmistakable lesson of recent years is that the Internet is a double-edged sword. Despite enormous benefits, instant access to huge quantities of information, the proliferation of new forms of businesses, communications and entertainment, it also encourages crime, global conflict and economic disruption. The drift seems ominous.

The Russians, it is widely agreed, hacked into the computers of the Democratic National Committee, raising fears that the US presidential election was compromised. In Dallas, hackers turned on the city’s emergency sirens for more than an hour. Cyber thieves stole $81 million from Bangladesh’s central bank, though some of the money has apparently been recovered.

We are dangerously dependent on internet-based systems. All these incidents threatened the social fabric of the victimised societies. If the Russians hacked the Democrats, who might be next? Could whoever triggered Dallas’ sirens turn off the traffic lights or the local power grid? How safe are electronic financial transfers?

“Ransomware” validates these fears. What was stunning is how quickly it spread. One estimate had it quickly migrating to 150 countries and affecting 200,000 computers. Despite the rapid response, the discovery of a so-called “kill switch” in the malware that deactivated the virus – the basic message remains: Much health care, transportation and ordinary business might close if deprived of internet access, whether by hostile governments (North Korea?) or cyber criminals.

This makes the internet a weapon that can be used against us – or by us. In a presentation to the Senate Intelligence Committee, Daniel Coats, the Director of National Intelligence, put it this way: “Our adversaries are becoming more adept at using cyberspace to threaten our interests and advance their own, and despite improving cyber defenses, nearly all information, communication networks and systems will be at risk for years.”

The trouble is that we are aiding and abetting our adversaries. We are addicted to the internet and refuse to recognise how our addiction subtracts from our security. The more we connect our devices and instruments to the internet, the more we create paths for others to use against us, either by shutting down websites or by controlling what they do. Put differently, we are, incredibly, inviting trouble. Our commercial interests and our national security diverge.

The latest example of this tension is the so-called “Internet of Things” or the “smart home.” It involves connecting various devices and gadgets (thermostats, lights, cameras, locks, ovens) to the Internet so they can be operated or monitored remotely. This would be a major Internet expansion and moneymaker.

One consulting firm, Ovum, forecasts that from 2016 to 2021, the number of smart homes worldwide will rise from 90 million to 463 million, with the largest concentrations in the United States and China. Ovum anticipates that each smart home will have nearly nine separate devices attached to the Internet and that the global total will hit 4 billion by 2021.

All this increases the vulnerability of Americans and others to cyberattacks. To be sure, the “internet of things” will be fitted with security protections. But as we’ve seen, mistakes and gaps occur. Or hackers circumvent security firewalls. The growth of the “internet of things” creates more avenues and opportunities for hostile nations or rogue hackers to penetrate various cyber defenses.

The Coats presentation makes this explicit: “In the future, state and non-state actors will likely use ‘Internet of Things’ devices to support intelligence operations … or attack targeted computer networks.”

Just how we can or should regulate the tension between our commercial interests and our strategic security isn’t clear. But we can’t even start a conversation if we don’t admit that the tension is real and is getting worse all the time.

Instead of candor, we compartmentalise. We lavish praise on our cyber capitalists, Mark Zuckerberg, Jeff Bezos and others, for their accomplishments while conveniently forgetting that the same technologies also make us less safe.

 If there are deficiencies with cybersecurity, we consider them separately. We embrace the “Internet of Things” without admitting that it’s also the “Internet of hazards.”

The technologies to promote the Internet and protect it are one and the same. We need to consider our addiction in all its aspects, even the disagreeable. But we are in denial.

Spokesman:

You Might Also Read: 

North Korea, WannaCry, Cyberattacks And Lazarus:

WannaCry Was Not A Phishing Attack:

 

 

« Google's AI Takes On Go Champion
Mini Robots Support Soldiers »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

JYVSECTEC - JAMK University of Applied Sciences

JYVSECTEC - JAMK University of Applied Sciences

JYVSECTEC is a cyber security research and development and training centre

Robert Bosch Centre for Cyber-Physical Systems (RBCCPS)

Robert Bosch Centre for Cyber-Physical Systems (RBCCPS)

RBCCPS is an interdisciplinary research and academic centre within the Indian Institute of Science focused on research in cyber-physical systems.

Graphus

Graphus

Graphus provides a simple, powerful, automated solution that eliminates 99% of social engineering and spear phishing attacks against G Suite business Gmail users.

BankVault

BankVault

BankVault is a new type of cyber technology (called remote isolation) which sidesteps your local machine and any possible malware.

Indusface

Indusface

Indusface offers best website security, web application firewall and SSL certificate to keep your online business much safer.

InPhySec

InPhySec

InPhySec is a leading New Zealand information, physical and cyber security company.

Cyber Army Indonesia (CyberArmyID)

Cyber Army Indonesia (CyberArmyID)

Cyber Army Indonesia (CyberArmyID) is the first platform in Indonesia to collect and validate reports from hackers (referred to as Bug Hunter) regarding vulnerabilities that exist in an organization.

Cortado Mobile Solutions

Cortado Mobile Solutions

Cortado Mobile Solutions creates enterprise mobility and file sharing solutions for companies, teams and freelancers.

Liquid Technology

Liquid Technology

Liquid Technology provide DOD- and NIST-compliant data destruction and EPA-compliant e-waste disposal and recycling services throughout North America, Europe and Asia.

astarios

astarios

astarios provide near-shore software development services including secure software development (DevSecOps), quality assurance and testing.

DeepSeas

DeepSeas

DeepSeas is the result of a merger between Security On-Demand (SOD) and the commercial Managed Threat Services (MTS) business of Booz Allen Hamilton.

Lifetech

Lifetech

Lifetech is a software development, product engineering and system integration company. Cybersecurity services include SIEM deployment and training.

Teleport

Teleport

Teleport is a remote-first technology company. We enable engineers to quickly access any computing resource anywhere on the planet.

VulnCheck

VulnCheck

VulnCheck helps organizations outpace adversaries with vulnerability intelligence that predicts avenues of attack with speed and accuracy.

Segra

Segra

Segra owns and operates one of the nation’s largest fiber networks and provides best-in-class broadband and data security solutions throughout the Southeast and Mid-Atlantic.

Zeta Sky

Zeta Sky

Zeta Sky offers a full range of IT and cyber-security services for your business.