Page 48 - Cyber Warnings
P. 48
household IoT adopters may be breach alerts sent to their smartphones and automatic hack
countermeasures deployed upon discovery.
Just as the internet was developed as a government application then transitioned to the public,
this IoT solution can be also be deployed in this manner. Current Defense Department
initiatives include the ability to identify and react to network changes. The Defense Advanced
Research Projects Agency (DARPA) is working to develop self-healing networks. Currently,
finding bugs has been considered “artisanal” requiring many hours of professional expertise.
These challenges leave hackers with an advantage. Judson Walker, systems engineering
director at Brocade Communications Systems, insists that IoT security solutions lie in clearly
defined software and application program interface frameworks. These frameworks centralize
control over IoT devices, facilitating the ability to alter sensors with minimal effort. Handling
massive amounts of data has provided the push for machine learning (artificial intelligence).
Algorithms are being formulated for use in not only networks to examine the information, but to
also understand it and recognize unusual changes or deviations-- ultimately making decisions to
mitigate threats. Removing the human piece will provide a much faster reaction to events as
opposed to the slow engagement (or non-engagement) of human owners. On-the-spot self-
correction is the quickest way. The technology does exist, but the lack of trust is the biggest
hurdle as we are turning over human decision making to algorithms (Jontz, 2017).
Conclusion
The Internet of Things is a ubiquitous entity that offers untold abilities and conveniences that
could not be anticipated 20 years ago. Unfortunately, the ubiquity and security concerns can
leave users including countries, cities, municipalities and individuals vulnerable in a multitude of
ways. The sheer volume of devices and the data they process and store can be used by bad
actors for ill. While we are becoming more aware of the risks, we continue to plug-in without
taking proper care to mitigate and address those risks. Some solutions are simple (changing
usernames and passwords) while others are more complex (implementing authentication and
encryption). If companies insist on producing unsecure IoT devices, perhaps the government
may step in to regulate security of these devices. Until we start to take notice of the risks and
take the initiative for our own security. Personal responsibility means we take it upon ourselves
to do what we can to secure our personal devices while demanding companies secure theirs.
Lack of action should require federal intervention to protect the public at large. We should
always remember that information is power. We should never give up that power unknowingly
or unwillingly.
References
Burrus, D. (2017). The Internet of Things Is Far Bigger Than Anyone Realizes. Retrieved from
https://www.wired.com/insights/2014/11/the-internet-of-things-bigger/
Coppock, M. (2017). New ‘BrickerBot’ malware attack kills unsecured Internet of Things
devices. Retrieved from https://uk.news.yahoo.com/brickerbot-malware-attack-kills-
unsecured-204503806.html
48 Cyber Warnings E-Magazine – June 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
