Network security is nothing new, but when it comes to the IoT will it be too little, too late?
Billions of connected things. Massive silicon consumption. Exponentially rising data volumes. Global compute farm build-out to make sense out of all of it. Lots of dollar signs. Everyone is talking about IoT with an optimistic view toward the future. There is a dark side to all this. Many, including yours truly have written about it. If you’re familiar with the Terminator series, you can call it Judgment Day. If you’re a Bruce Willis fan, you may be familiar with the term “fire sale” from Diehard 4.0.
These are references to Hollywood’s version of a grand-scale takeover of a pervasive network of devices. Which is exactly what IoT promises. Network security and IoT are not new. There is plenty of work going on to address this requirement. The question is – will it be too little, too late?
There’s also the question of who will pay for it. Robust security for a high-end router is one thing. But the same sophisticated protection for your wearable gadget, or even your thermostat is another thing. Demand for these products is very sensitive to price, so making them more expensive and more secure will probably not fly.
I’ve always believed that we’ll need some seminal “bad event” to make this problem real for everyone. This would be an unfortunate outcome, so I hope I’m wrong.
Right or wrong, we’ve recently seen an IoT security breach unfold in the national press. The headline was, “Who Took Down the Internet on Friday?” OK, some drama here for sure. There are over 1 billion websites on the internet, and a small fraction were affected by the denial of service attack on Friday. Twitter, Amazon, Spotify, PayPal, and CNN were among the sites affected, so that certainly does get attention. What is unique (and concerning) about the events of last Friday are the resources that were taken control of to implement the attack. Computers are usually the “weapon of choice” for these events. Last Friday, all kinds of IoT devices were pressed into service – TVs, webcams, thermostats, refrigerators and the like. It appears that many millions of devices were involved.
So, where do we go from here? I sincerely hope this is a wake-up call that works. This is an extremely large and complex problem. And attacks of this nature can do a lot more damage than bring down websites. I would encourage everyone to read up on this topic. Anything with an IP address can be hacked.
That includes the webcam built into your laptop, so don’t forget to smile.