Internet of Things Brings Threats To Security

Uploaded on 2017-06-19 in TECHNOLOGY--Developments, TECHNOLOGY-Key Areas-Internet of Things, NEWS-Cybersecurity News, FREE TO VIEW

The United States may have escaped most digital damage from the WaanaCry global “ransomware” virus, though cyber experts fear more attacks.

One possible explanation is that the malicious software (“malware”) harms older versions of Microsoft’s Windows operating system, which most Americans have replaced. Perhaps many users in other countries haven’t.

Whatever the explanation, this is not the end of Internet threats.

The unmistakable lesson of recent years is that the Internet is a double-edged sword. Despite enormous benefits, instant access to huge quantities of information, the proliferation of new forms of businesses, communications and entertainment, it also encourages crime, global conflict and economic disruption. The drift seems ominous.

The Russians, it is widely agreed, hacked into the computers of the Democratic National Committee, raising fears that the US presidential election was compromised. In Dallas, hackers turned on the city’s emergency sirens for more than an hour. Cyber thieves stole $81 million from Bangladesh’s central bank, though some of the money has apparently been recovered.

We are dangerously dependent on internet-based systems. All these incidents threatened the social fabric of the victimised societies. If the Russians hacked the Democrats, who might be next? Could whoever triggered Dallas’ sirens turn off the traffic lights or the local power grid? How safe are electronic financial transfers?

“Ransomware” validates these fears. What was stunning is how quickly it spread. One estimate had it quickly migrating to 150 countries and affecting 200,000 computers. Despite the rapid response, the discovery of a so-called “kill switch” in the malware that deactivated the virus – the basic message remains: Much health care, transportation and ordinary business might close if deprived of internet access, whether by hostile governments (North Korea?) or cyber criminals.

This makes the internet a weapon that can be used against us – or by us. In a presentation to the Senate Intelligence Committee, Daniel Coats, the Director of National Intelligence, put it this way: “Our adversaries are becoming more adept at using cyberspace to threaten our interests and advance their own, and despite improving cyber defenses, nearly all information, communication networks and systems will be at risk for years.”

The trouble is that we are aiding and abetting our adversaries. We are addicted to the internet and refuse to recognise how our addiction subtracts from our security. The more we connect our devices and instruments to the internet, the more we create paths for others to use against us, either by shutting down websites or by controlling what they do. Put differently, we are, incredibly, inviting trouble. Our commercial interests and our national security diverge.

The latest example of this tension is the so-called “Internet of Things” or the “smart home.” It involves connecting various devices and gadgets (thermostats, lights, cameras, locks, ovens) to the Internet so they can be operated or monitored remotely. This would be a major Internet expansion and moneymaker.

One consulting firm, Ovum, forecasts that from 2016 to 2021, the number of smart homes worldwide will rise from 90 million to 463 million, with the largest concentrations in the United States and China. Ovum anticipates that each smart home will have nearly nine separate devices attached to the Internet and that the global total will hit 4 billion by 2021.

All this increases the vulnerability of Americans and others to cyberattacks. To be sure, the “internet of things” will be fitted with security protections. But as we’ve seen, mistakes and gaps occur. Or hackers circumvent security firewalls. The growth of the “internet of things” creates more avenues and opportunities for hostile nations or rogue hackers to penetrate various cyber defenses.

The Coats presentation makes this explicit: “In the future, state and non-state actors will likely use ‘Internet of Things’ devices to support intelligence operations … or attack targeted computer networks.”

Just how we can or should regulate the tension between our commercial interests and our strategic security isn’t clear. But we can’t even start a conversation if we don’t admit that the tension is real and is getting worse all the time.

Instead of candor, we compartmentalise. We lavish praise on our cyber capitalists, Mark Zuckerberg, Jeff Bezos and others, for their accomplishments while conveniently forgetting that the same technologies also make us less safe.

 If there are deficiencies with cybersecurity, we consider them separately. We embrace the “Internet of Things” without admitting that it’s also the “Internet of hazards.”

The technologies to promote the Internet and protect it are one and the same. We need to consider our addiction in all its aspects, even the disagreeable. But we are in denial.

Spokesman:

You Might Also Read: 

North Korea, WannaCry, Cyberattacks And Lazarus:

WannaCry Was Not A Phishing Attack:

 

 

« Google's AI Takes On Go Champion
Mini Robots Support Soldiers »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CloudCheckr

CloudCheckr

CloudCheckr is a next-gen cloud management platform that unifies Security & Compliance, Inventory & Utilization and Cost Management.

IS Decisions

IS Decisions

IS Decisions builds affordable and easy-to-use Access Management software solutions, allowing IT teams to effectively secure access to Active Directory infrastructures, SaaS apps and data within.

Japan Network Security Association (JNSA)

Japan Network Security Association (JNSA)

JNSA's goal is to promote standardization related to network security and to contribute to greater technological standards in the field.

Westminster eForum

Westminster eForum

Wesrtminster eForum runs a series of conferences on matters relating to the UKs Digital Strategy. Topics include Smart Cities and Cyber Security.

SecureAppbox

SecureAppbox

SecureAppbox provide solutions that protects the communication of sensitive data as well as advice on data security and compliance with GDPR.

Cybercrime Investigation & Coordinating Center (CICC) - Philippines

Cybercrime Investigation & Coordinating Center (CICC) - Philippines

The Cybercrime Investigation and Coordinating Center (CICC) is an attached agency of the Philippines Department of Information and Communications Technology (DICT).

Pareteum

Pareteum

Pareteum is a leading Global provider of mobile networking software and services. Our mission is to provide a single solution to the problem of fully enabling and securing the Mobile Cloud.

MythX

MythX

MythX is the premier security analysis service for Ethereum smart contracts.

CloudVector

CloudVector

CloudVector's API Detection & Response platform is the only API Threat Protection solution that goes beyond the gateway to provide Shadow API Prevention and Deep API Risk Monitoring and Remediation.

American Cybersecurity Institute

American Cybersecurity Institute

American cybersecurity Institute is a newly formed not-for-profit organization dedicated to education, advocacy, study and analysis in the space of cybersecurity law and policy.

HacWare

HacWare

HacWare is a data driven cybersecurity awareness product that leverages machine learning and behavior analytics help IT professionals combat phishing.

Cufflink

Cufflink

Cufflink makes your business more secure, compliant and trusted. We limit the likelihood and impact of a data breach by controlling exactly what can and can't be done with personal data.

Cymune

Cymune

At Cymune we help businesses to fight against cybercrime, protect patented data and diminish security risks.

Cloud4C

Cloud4C

Cloud4C is a leading automation-driven, application focused cloud Managed Services Provider.

E-CQURITY (ECQ)

E-CQURITY (ECQ)

ECQ is a network security company offering offensive security services and solutions focused on active offensive and defensive positioning.

Dark Entry

Dark Entry

Dark Entry provide solutions to safeguard businesses, leveraging advanced technologies and intelligence-driven approaches to detect and mitigate risks associated with compromised data.