Internet of Things Brings Threats To Security

The United States may have escaped most digital damage from the WaanaCry global “ransomware” virus, though cyber experts fear more attacks.

One possible explanation is that the malicious software (“malware”) harms older versions of Microsoft’s Windows operating system, which most Americans have replaced. Perhaps many users in other countries haven’t.

Whatever the explanation, this is not the end of Internet threats.

The unmistakable lesson of recent years is that the Internet is a double-edged sword. Despite enormous benefits, instant access to huge quantities of information, the proliferation of new forms of businesses, communications and entertainment, it also encourages crime, global conflict and economic disruption. The drift seems ominous.

The Russians, it is widely agreed, hacked into the computers of the Democratic National Committee, raising fears that the US presidential election was compromised. In Dallas, hackers turned on the city’s emergency sirens for more than an hour. Cyber thieves stole $81 million from Bangladesh’s central bank, though some of the money has apparently been recovered.

We are dangerously dependent on internet-based systems. All these incidents threatened the social fabric of the victimised societies. If the Russians hacked the Democrats, who might be next? Could whoever triggered Dallas’ sirens turn off the traffic lights or the local power grid? How safe are electronic financial transfers?

“Ransomware” validates these fears. What was stunning is how quickly it spread. One estimate had it quickly migrating to 150 countries and affecting 200,000 computers. Despite the rapid response, the discovery of a so-called “kill switch” in the malware that deactivated the virus – the basic message remains: Much health care, transportation and ordinary business might close if deprived of internet access, whether by hostile governments (North Korea?) or cyber criminals.

This makes the internet a weapon that can be used against us – or by us. In a presentation to the Senate Intelligence Committee, Daniel Coats, the Director of National Intelligence, put it this way: “Our adversaries are becoming more adept at using cyberspace to threaten our interests and advance their own, and despite improving cyber defenses, nearly all information, communication networks and systems will be at risk for years.”

The trouble is that we are aiding and abetting our adversaries. We are addicted to the internet and refuse to recognise how our addiction subtracts from our security. The more we connect our devices and instruments to the internet, the more we create paths for others to use against us, either by shutting down websites or by controlling what they do. Put differently, we are, incredibly, inviting trouble. Our commercial interests and our national security diverge.

The latest example of this tension is the so-called “Internet of Things” or the “smart home.” It involves connecting various devices and gadgets (thermostats, lights, cameras, locks, ovens) to the Internet so they can be operated or monitored remotely. This would be a major Internet expansion and moneymaker.

One consulting firm, Ovum, forecasts that from 2016 to 2021, the number of smart homes worldwide will rise from 90 million to 463 million, with the largest concentrations in the United States and China. Ovum anticipates that each smart home will have nearly nine separate devices attached to the Internet and that the global total will hit 4 billion by 2021.

All this increases the vulnerability of Americans and others to cyberattacks. To be sure, the “internet of things” will be fitted with security protections. But as we’ve seen, mistakes and gaps occur. Or hackers circumvent security firewalls. The growth of the “internet of things” creates more avenues and opportunities for hostile nations or rogue hackers to penetrate various cyber defenses.

The Coats presentation makes this explicit: “In the future, state and non-state actors will likely use ‘Internet of Things’ devices to support intelligence operations … or attack targeted computer networks.”

Just how we can or should regulate the tension between our commercial interests and our strategic security isn’t clear. But we can’t even start a conversation if we don’t admit that the tension is real and is getting worse all the time.

Instead of candor, we compartmentalise. We lavish praise on our cyber capitalists, Mark Zuckerberg, Jeff Bezos and others, for their accomplishments while conveniently forgetting that the same technologies also make us less safe.

 If there are deficiencies with cybersecurity, we consider them separately. We embrace the “Internet of Things” without admitting that it’s also the “Internet of hazards.”

The technologies to promote the Internet and protect it are one and the same. We need to consider our addiction in all its aspects, even the disagreeable. But we are in denial.

Spokesman:

You Might Also Read: 

North Korea, WannaCry, Cyberattacks And Lazarus:

WannaCry Was Not A Phishing Attack:

 

 

« Google's AI Takes On Go Champion
Mini Robots Support Soldiers »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Itaccel

Itaccel

IT Accel began a decade ago as a band of technical recruiters who wanted to bring our experience and depth of knowledge to solving complex human resou

Fieldfisher

Fieldfisher

Fieldfisher's Technology, Outsourcing & Privacy Group has class-leading expertise in privacy, data & cybersecurity, digital media, big data, the cloud, mobile payments and mobile apps.

CERT Bulgaria (CERT.BG)

CERT Bulgaria (CERT.BG)

CERT Bulfaria is the National Computer Security Incidents Response Team for Bulgaria.

OpenText

OpenText

OpenText is a leader in Enterprise Information Management software and a portfolio of related solutions for Information Governance, Compliance, Information Security and Privacy.

LMG Security

LMG Security

LMG Security is a cybersecurity consulting, research and training firm.

Cube 5

Cube 5

The Cube 5 incubator, located at the Horst Görtz Institute for IT Security (HGI), supports IT security startups and people interested in starting a business in IT security.

Corsha

Corsha

Corsha is on a mission to simplify API security and allow enterprises to embrace modernization, complex deployments, and hybrid environments with confidence.

Trilateral Research

Trilateral Research

Trilateral Research provide regulatory and policy advice; develop new data-driven technologies and contribute to the latest standards in safeguarding privacy, ethics and human rights.

Innefu Labs

Innefu Labs

Innefu is an Information Security R&D startup, providing cutting edge Information Security & Data Analytics solutions.

Guardio

Guardio

Guardio develop tools and products to combat modern web and browser threats.

Lancera

Lancera

Lancera provides growth accelerating Software Development, Web Presence and Cybersecurity Solutions with a focus on customer happiness.

Invicti Security

Invicti Security

Invicti Security is an AppSec leader transforming the way web applications are secured.

ThreatLocker

ThreatLocker

The ThreatLocker Platform provides a Zero Trust security solution that offers a unified approach to protecting users, devices, and networks against the exploitation of zero day vulnerabilities.

Threatsys Technologies

Threatsys Technologies

Threatsys’s Integrated cyber security process helps your organizations to ensure that it’s secure from any fraudulent attacks.

Trustaira

Trustaira

Trustaira is the first deep tech solution and service company in Bangladesh.

Innov8tif

Innov8tif

Innov8tif is an AI company specialised in providing ID assurance solutions — helping digital businesses to prevent frauds by verifying and authenticating customers identity.