How Will Terrorists Use The Internet of Things?

Uploaded on 2016-09-21 in TECHNOLOGY--Developments, NEWS-Cybersecurity News, FREE TO VIEW, TECHNOLOGY--Hackers, TECHNOLOGY-Key Areas-Internet of Things

By 2020, there will be anywhere from 20 billion to 50 billion Internet-connected devices, including about one in five cars and or trucks, according to industry forecasts.

That’s big business for outfits that sell data or streaming services. For the US Justice Department, it’s 50 billion potential problems.

“In our division, we’ve just started a group looking at nothing but the Internet of Things.” John P. Carlin, the US Assistant Attorney General for National Security, told the Intelligence and National Security Alliance recently at the group’s annual Summit.

Carlin framed the issue as directly related to next-generation terrorism. “Look at the terrorist attack in Nice,” he said. “If our trucks are running in an automated fashion, great efficiencies, great safety, on the one hand, but if we don’t think about how terrorists could exploit that on the front end, and not after they take a truck and run it through a crowd of civilians, we’ll regret it.”

“We made that mistake once when we moved all of our data, when we digitally connected it, and didn’t focus on how … terrorists and spies could exploit it,” he said, referring broadly to the growing abilities of state and non-state actors to steal data and put it to nefarious use. “We’re playing catch-up,” he said. “We can’t do that again when it comes to the Internet of Things, actual missiles, trucks and cars.”

But there are already thousands of vulnerable vehicles on today’s roads. Computer researchers Chris Valazek and Charlie Miller have been demonstrating how to hack various car models for years, including a famous 2013 Today Show segment, and a 2015 demonstration in which they took control of a Jeep travelling along a highway at 70 mph with a WIRED journalist inside. That journalist calculated that as many as 471,000 existing vehicles have some exploitable computer vulnerability.

Of course, Justice isn’t the only government agency sweating over the Internet of Things. In 2012, the Defense Advanced Research Projects Agency, or DARPA, launched a program called the High Assurance Cyber Military Systems, or HACMS, to fix vulnerabilities that could pervade future Internet of Things devices. 

Two years later, Dawn Meyerriecks, the deputy director of the Central Intelligence Agency’s directorate of science and technology, noted that “smart refrigerators have been used in distributed denial of service attacks,” and cited smart fluorescent LEDs that “are communicating that they need to be replaced but are also being hijacked for other things.”

DefenseOne

 

« Tesla Announces Update To Self-Driving System
Social Media Sites - Cyber Weapons of Choice »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Jones Day

Jones Day

Jones Day is an international law firm based in the United States. Practice areas include Cybersecurity, Privacy & Data Protection.

Trustlook

Trustlook

Trustlook's SECUREai engine delivers the performance and scalability needed to provide total threat protection against malware and other forms of attack.

4Stop

4Stop

4Stop is a global KYC, compliance and anti-fraud risk management company.

Cynterra

Cynterra

Cynterra is a next generation cloud cyber security and data analytical service provider offering cloud security compliance, data protection, visibility and threat protection services.

CyberInsureOne

CyberInsureOne

At CyberInsureOne, we break down the complex world of cyber insurance, and connect you with providers that can give you and your company peace of mind.

GM Security Technologies

GM Security Technologies

GM Security Technologies provides leading managed security services of the highest quality to every type of individual and organization in Puerto Rico, Caribbean and Latin America.

ActiveNav

ActiveNav

ActiveNav provide dark data discovery solutions for compliance and information governance.

Edureka

Edureka

Edureka is an online technology training provider with the most effective learning system in the world. We help professionals learn trending technologies for career growth.

Cybermerc

Cybermerc

Cybermerc's services, training programmes and cyber security solutions are designed to forge collaborations across industry, government and academia, for collective defence of our digital borders.

Graylog

Graylog

Graylog provides answers to your team’s security, application, and IT infrastructure questions by enabling you to combine, enrich, correlate, query, and visualize all your log data in one place.

Saffron Networks

Saffron Networks

Saffron Networks is an ISO-certified company. We assure our clients of reliable solutions, specifically with the Security landscape and Enterprise Networking.

Ignite Cyber

Ignite Cyber

IGNITE Cyber is focused on enabling secure technology adoption through intelligent business decisions. We are focused on providing a secure and stable business environment for everyone.

Multipoint Group

Multipoint Group

Multipoint is an information security and protection solutions company operating in the South EMEA region through value-added distribution channels.

Liberty Technology

Liberty Technology

Liberty Technology has a host of highly trained, certified experts who assist our clients with immediate remote support as well as on-site service.

US Cyber Games

US Cyber Games

US Cyber Games is committed to inform and inspire the broader community on ways to develop tomorrow’s cybersecurity workforce.

Accompio

Accompio

Accompio offer comprehensive support in the digitalisation of your business processes.