Insecurity - The Connected World at Risk - LEKULE

Breaking

1 Sept 2015

Insecurity - The Connected World at Risk

Everything is connected and no one is prepared.


The Ashley Madison hack was a delightful example of how satisfying schadenfreude can be, but on the technical front it was a subtle reminder that anything made by humans can also be destroyed by humans. The website's hack proved once again how vulnerable the internet is; the difference is that now, as the IoT infiltrates the physical aspects of our lives, the threat seems to take on a much more tangible--and sinister--form.
When hackers in July demonstrated their ability to hack a Jeep, Chrysler recalled over 1.4 million vehicles in an attempt to plug the software hole that had allowed the hackers to infiltrate the car's infotainment system and wreak havoc on everything from the air conditioning to the brakes. It's a noble show, but the ability to hack isn't confined to Jeeps. Or cars. In fact, as companies start churning out more and more connected gadgets, security isn't a top concern. For financial reasons, it simply can't be; hiring hackers like the team that took over the Jeep would be far too expensive to bankroll. And in the time it would take them to identify and then patch security glitches, a new product would be due for rollout. That's a bit disconcerting when even refrigerators are connected to the internet.

The hacked Jeep ends up in a ditch. 
Once upon a time--when Windows was integral to nearly every household--getting a virus was an inevitability: if your computer had ever connected to the internet, there was a good possibility it had a virus. The user then ran an antivirus program with spotty results, and then accepted the fact that the computer would never run quite as well as it had when it was new. But with higher Mac conversion and better antivirus protocols, users gained a new sense of security. After all, Macs can't get viruses, right?
They absolutely can. And security specialists recently proved that Apple's coveted Apple ID system was prone to malware that put 225,000 users at risk for hacked devices and stolen information. Oh, and remember that embarrassing iCloud hack that led to nude celebrity photos being leaked? It's still baffling both Apple and experts.

The point to all this is that nothing is absolutely secure--not Apple products, not cars, and not anything that's connected to the internet. And it may be that in the IoT, hacking one device means acccess to all the rest. If software engineers can't stop the deluge of security breaches, then it must be up to hardware designers. For instance, Synaptics moved fingerprint authentication away from the OS and keeps data isolated within the hardware.

Companies have a responsibility to users to secure their products, and that may mean delaying their release or finding new ways to make products safer. Self-driving cars are here, and there are rumors that Apple's onboard as well: it's time to slow down and correct weaknesses before they're exploited by less friendly hackers.

No comments: