Internet of Things Brings Threats To Security

Uploaded on 2017-06-19 in TECHNOLOGY--Developments, TECHNOLOGY-Key Areas-Internet of Things, NEWS-Cybersecurity News, FREE TO VIEW

The United States may have escaped most digital damage from the WaanaCry global “ransomware” virus, though cyber experts fear more attacks.

One possible explanation is that the malicious software (“malware”) harms older versions of Microsoft’s Windows operating system, which most Americans have replaced. Perhaps many users in other countries haven’t.

Whatever the explanation, this is not the end of Internet threats.

The unmistakable lesson of recent years is that the Internet is a double-edged sword. Despite enormous benefits, instant access to huge quantities of information, the proliferation of new forms of businesses, communications and entertainment, it also encourages crime, global conflict and economic disruption. The drift seems ominous.

The Russians, it is widely agreed, hacked into the computers of the Democratic National Committee, raising fears that the US presidential election was compromised. In Dallas, hackers turned on the city’s emergency sirens for more than an hour. Cyber thieves stole $81 million from Bangladesh’s central bank, though some of the money has apparently been recovered.

We are dangerously dependent on internet-based systems. All these incidents threatened the social fabric of the victimised societies. If the Russians hacked the Democrats, who might be next? Could whoever triggered Dallas’ sirens turn off the traffic lights or the local power grid? How safe are electronic financial transfers?

“Ransomware” validates these fears. What was stunning is how quickly it spread. One estimate had it quickly migrating to 150 countries and affecting 200,000 computers. Despite the rapid response, the discovery of a so-called “kill switch” in the malware that deactivated the virus – the basic message remains: Much health care, transportation and ordinary business might close if deprived of internet access, whether by hostile governments (North Korea?) or cyber criminals.

This makes the internet a weapon that can be used against us – or by us. In a presentation to the Senate Intelligence Committee, Daniel Coats, the Director of National Intelligence, put it this way: “Our adversaries are becoming more adept at using cyberspace to threaten our interests and advance their own, and despite improving cyber defenses, nearly all information, communication networks and systems will be at risk for years.”

The trouble is that we are aiding and abetting our adversaries. We are addicted to the internet and refuse to recognise how our addiction subtracts from our security. The more we connect our devices and instruments to the internet, the more we create paths for others to use against us, either by shutting down websites or by controlling what they do. Put differently, we are, incredibly, inviting trouble. Our commercial interests and our national security diverge.

The latest example of this tension is the so-called “Internet of Things” or the “smart home.” It involves connecting various devices and gadgets (thermostats, lights, cameras, locks, ovens) to the Internet so they can be operated or monitored remotely. This would be a major Internet expansion and moneymaker.

One consulting firm, Ovum, forecasts that from 2016 to 2021, the number of smart homes worldwide will rise from 90 million to 463 million, with the largest concentrations in the United States and China. Ovum anticipates that each smart home will have nearly nine separate devices attached to the Internet and that the global total will hit 4 billion by 2021.

All this increases the vulnerability of Americans and others to cyberattacks. To be sure, the “internet of things” will be fitted with security protections. But as we’ve seen, mistakes and gaps occur. Or hackers circumvent security firewalls. The growth of the “internet of things” creates more avenues and opportunities for hostile nations or rogue hackers to penetrate various cyber defenses.

The Coats presentation makes this explicit: “In the future, state and non-state actors will likely use ‘Internet of Things’ devices to support intelligence operations … or attack targeted computer networks.”

Just how we can or should regulate the tension between our commercial interests and our strategic security isn’t clear. But we can’t even start a conversation if we don’t admit that the tension is real and is getting worse all the time.

Instead of candor, we compartmentalise. We lavish praise on our cyber capitalists, Mark Zuckerberg, Jeff Bezos and others, for their accomplishments while conveniently forgetting that the same technologies also make us less safe.

 If there are deficiencies with cybersecurity, we consider them separately. We embrace the “Internet of Things” without admitting that it’s also the “Internet of hazards.”

The technologies to promote the Internet and protect it are one and the same. We need to consider our addiction in all its aspects, even the disagreeable. But we are in denial.

Spokesman:

You Might Also Read: 

North Korea, WannaCry, Cyberattacks And Lazarus:

WannaCry Was Not A Phishing Attack:

 

 

« Google's AI Takes On Go Champion
Mini Robots Support Soldiers »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Identiv

Identiv

Identiv is a global security technology company that establishes trust in the connected world, including premises, information and everyday items.

Nutanix

Nutanix

The Nutanix enterprise cloud platform provides performance, robust security, and seamless application mobility for a broad range of enterprise applications.

IT Association of Slovakia (ITAS)

IT Association of Slovakia (ITAS)

ITAS is a professional association of domestic and foreign companies operating in the field of information and communication technologies

Philippine National Police Anti-Cybercrime Group (PNP-ACG)

Philippine National Police Anti-Cybercrime Group (PNP-ACG)

The mission of the PNP Anti-Cybercrime Group is to implement and enforce pertinent laws on cybercrime and other cyber related crimes and pursue an effective anti-cybercrime campaign.

Aspisec

Aspisec

Aspisec is a cybersecurity company specialized in Firmware Security and Critical Infrastructure Protection.

Blue Cedar

Blue Cedar

Blue Cedar's mobile app security integration platform secures and accelerates mobile app deployment for enterprises and government organizations around the world.

Phoenix Cybersecurity

Phoenix Cybersecurity

Phoenix Cybersecurity Services and Managed Security Services help clients just like you take full advantage of leading cybersecurity technologies and industry best practices.

Athreon

Athreon

Athreon utilizes a fusion of AI technology, human interpretation, and the latest in cybersecurity to deliver sound business solutions that help our clients make better data-driven decisions.

SecureData

SecureData

SecureData provide professional data recovery services, digital forensics, data recovery software and FIPS 140-2 Level 3 Validated hardware encrypted drives.

Valence Security

Valence Security

Valence manages and secures your Business Application Mesh by delivering visibility, reducing unauthorized access and preventing data loss.

Approov

Approov

Approov provides a comprehensive runtime security solution for mobile apps and their APIs, unified across iOS and Android.

AuthMind

AuthMind

Prevent your next identity-related cyberattack with the AuthMind Identity SecOps Platform. It works anywhere and deploys in minutes.

SecurEnvoy

SecurEnvoy

SecurEnvoy are a leader in designing zero access trust solutions using the latest cutting-edge technologies, to protect your users, devices and data, whatever the location.

US Insider Risk Management Center of Excellence (US-InRM)

US Insider Risk Management Center of Excellence (US-InRM)

The US-InRM Center of Excellence is a nonprofit organization dedicated to promoting private, public, and academic partnerships to foster knowledge sharing and resources to mitigate insider risk.

CyberAI Group

CyberAI Group

CyberAI's mission is to pioneer the evolution of the cybersecurity landscape globally, by strategically acquiring and elevating IT consulting firms into leaders of cybersecurity innovation.

Conifers.ai

Conifers.ai

Empower your existing SecOps team with the strength of AI - achieve SOC excellence with Conifers CognitiveSOC.