Seamless Technology Is a Gift for Cybercriminals

Uploaded on 2015-08-28 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

303f9ce5-d4bf-4b62-bd74-191ee983b24a-2060x1236.jpeg?w=620&q=85&auto=format&sharp=10&s=f435f273ebadc2b8d3f4fa2bbb64b8bc

Have we  subjugated our brains through apps, notifications and seamless services?.

At the recent World Future Society annual conference in San Francisco, friction-free was a phrase that cropped up in nearly every speech. Gina Bianchini, one of the founders of Mightybell, spoke of how “the removal of friction will have major impact on how we interact and engage with others”. Alex Wright, director of research at Etsy, talked of their ambition to “reduce the friction between the product and the people”. But it was Marc Goodman’s talk that really got me thinking about whether friction is getting a bad rap. Perhaps friction is our friend.

Goodman was futurist to the FBI. His New York Times bestseller Future Crimes is a no holds barred attempt to address some of the negatives around everyday technology. Namely the amount of cybercrime that is already being committed, and of which we seem totally unaware, despite the recent Juniper estimation that it will cost businesses more than $2tn by 2019.
His presentation consisting of a tour into the dark web was, well, illuminating. Google only gives us access to about 16% of the web and he opened up the audience’s eyes to what else is actually going on. There are at least 100 assassination companies, there are illicit drug companies, and a search engine called Grams. One might even suggest that there is some pretty decent marketing going on, with one assassination company’s well-crafted strapline: “Permanent solutions to life’s temporary problems.”
The automation of crime
It used to be the case that humans were the limiting factor in crime but now that crime comes in the form of software, it can go out and commit offences on its own. The more automated and connected our world gets, the more automated and connected crime gets. Goodman suggests we start to think of the car not as a vehicle but as “a computer that we ride in”. He also suggests that what is connectable is also hackable: that means your boardroom, your car, your TV, even your dishwasher. He explains how a computer expert on a flight hacked into the flight management system, took over the controls and flew the plane sideways. He poses questions like: should we give guns to robots, and what happens when someone straps a MI6 rifle to a drone?
I interviewed Goodman after his presentation and asked him: if brands are about trust, which are proving themselves trustworthy enough to protect their consumers from cybercrime? “There hasn’t been that differentiation in the market, yet,” he said. “But there is a major opportunity for a brand to own this space.”
The truth is wherever you have agreed to terms of service you’ve given away rights to your data. And as consumers we seem OK with that. He uses Target, whose database was hacked in 2013, affecting up to 70 million of their customers, as a case in point, saying: “Look what happened to Target. Their sales went down, their competitors’ sales went up, they fired the CEO and the CIO, but a year later, Target’s back.”
I asked Goodman whether he thought this was a generational challenge: “What I find is that for younger people, they tend to be expert users of technology but they have no curiosity as to how it works. The first generation on the internet who had to use Gopher and Telnet and all these protocols had some understanding of how it works. Now everything is a lovely user interface and you think: ‘Cool, Snapchat deletes my naked photo after a minute, I guess I can take naked selfies’. Now that’s not quite how the technology works and that’s not exactly what the company guarantees in their terms of service. So younger generations are expert users but they are really easy to manipulate. They have a belief in screens that earlier generations don’t have.”
And who can blame them? It’s a generation that doesn’t want to think. In thrall to tech entrepreneurship, it’s a generation that’s been told time and again that it isn’t about thinking, it’s all about doing: it’s the cult of done. Thinking is a waste of time, when you can be doing, and doing more, more often.
Goodman told me the story of his visit to McDonald’s: “I was at McDonald’s a few years ago and I bought a burger, some French fries and a Coke and the girl behind the counter said to me that will be $842. I said I’m sorry and she said that will be $842. So she literally had subjugated her own brain to a cash register.”
But haven’t we all subjugated our brains through apps, notifications, and seamless services? Without friction there is no delay, there is no pause, no moment to question what we are doing or why we are doing it.
The answer lies in design
The question becomes: at what point in the future does frictionless render us thoughtless? If we are now content to act on instinct, to be led down any kind of rabbit hole by the seamless technology we use and don’t seem to have the appetite to understand what we can’t see, have we become more trusting of the invisible than is good for us?
Goodman thinks the answer lies in design. He tells me: “I think there is a tremendous opportunity for designers in this space to bring good design, good user interface, good user experience to these tools, and I predict that the next billion-dollar cyber security company is going to be built on design. Someone puts a gun in your face and takes your purse you know you’ve been robbed. There’s no warning systems with cyber so you can be infected and you can be a victim of identity theft and you don’t know until it’s way too late. And I think design can help solve that problem and make some of these risks more obvious so that people can deal with them.”

So let’s start by redesigning our language. I’m not happy being described as a “user”, because in that sense I become totally passive to the technology, to the invisibility of it and to the level of friction it decides to serve me. 

One conclusion is that we should all start to think of ourselves as ‘choosers’ not ‘users’ so that when we interact with a connected product or service, we are actively thinking about choosing to value security of our data over the convenience of the app – or not. In that way, perhaps we will bring a little friction back to our everyday thinking processes and therefore our actions.

Guardian:  http://bit.ly/1JeClmY

MarcGoodman is author of Future Crimes: http://www.marcgoodman.net
 

 

« Cyber Hackers Can Now Remotely Shoot Someone Else’s Sniper Rifle
Darkhotel Deploys Zero-Day From Hacking Team »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ON-DEMAND WEBINAR: Harnessing the power of Security Information and Event Management (SIEM)

ON-DEMAND WEBINAR: Harnessing the power of Security Information and Event Management (SIEM)

Join our experts as they give the insights you need to power your Security Information and Event Management (SIEM).

Bishop Fox

Bishop Fox

Bishop Fox is a leading authority in offensive security, providing solutions ranging from continuous penetration testing and attack surface management to product and application security assessments.

Snow Software

Snow Software

Snow Software is changing the way organizations think about their technology investments, empowering IT and business leaders to drive transformation with precision and agility.

Beyond Security

Beyond Security

Beyond Security is a leader in automated vulnerability assessment and compliance solutions - enabling customers to accurately assess and manage security weaknesses in their networks and applications.

Institute for Critical Infrastructure Technology (ICIT)

Institute for Critical Infrastructure Technology (ICIT)

ICIT is a leading cybersecurity think tank providing objective research, advisory, and education to legislative, commercial, and public-sector cybersecurity stakeholders.

Wibu-Systems

Wibu-Systems

Wibu-Systems is a leading provider of solutions for the Digital Rights Management (DRM) and anti-piracy industry.

Digital Hands

Digital Hands

Digital Hands is an award-winning managed security services provider.

LSEC

LSEC

LSEC is a not for profit organization that has the objective to promote Information Security and the expertise in BeNeLux and Europe.

Ignyte Assurance Platform

Ignyte Assurance Platform

Ignyte Assurance Platform™ is a leader in collaborative security and integrated GRC solutions for global corporations in Healthcare, Defense, and Technology.

Ekran System

Ekran System

Ekran System is an advanced insider threat detection solution for companies of any size.

Riddle&Code

Riddle&Code

Riddle&Code is a product-led services company specializing in onboarding industries to Web3. The team's mission is to provide a trusted connection between the digital and physical worlds.

astarios

astarios

astarios provide near-shore software development services including secure software development (DevSecOps), quality assurance and testing.

Valid Network

Valid Network

Valid Network DSP is blending traditional cyber security methodologies with blockchain transactions to achieve trust, internal and federated between organizations and stake holders.

Prove Identity

Prove Identity

Prove (formerly Payfone) is a leader in mobile & digital identity authentication for the connected world.

Tech Seven Partners

Tech Seven Partners

At TechSeven Partners, we provide a full suite of cyber security solutions for your business including network monitoring, onsite and cloud backup solutions, HIPAA or PCI compliance.

Iris Powered by Generali

Iris Powered by Generali

Iris Powered by Generali is an identity theft resolution provider. Our offering combines expert assistance and support with user-friendly identity protection technology.

Blackpanda

Blackpanda

Blackpanda is Asia’s premier cyber security incident response group, hyper-focused on digital forensics and cyber crisis response.