Andrea Danti - Fotolia
Small World Big Data
Published: 22 Feb 2018
I was recently asked about the most pressing IT challenge in 2018. At first, I was going to throw out a pat answer, something like dealing with big data or finally deploying hybrid cloud architecture. But those aren't actually all that difficult to pull off anymore.
Then I thought about how some people like to be irrationally scared about the future, artificial intelligence in particular. But AI really isn't the scary part. It's the blind trust we already tend to put into black-box algorithms and short-sighted local optimizations that inevitably bring about unintended consequences. We should be much more afraid of today's human ignorance than tomorrow's AI.
Instead, what I came up with as the hard, impending problem for IT is how to adequately secure the fast-expanding internet of things. To be clear, I interpret IoT rather broadly to include existing mobile devices -- e.g., smartphones that can measure us constantly with multiple sensors and GPS -- connected consumer gadgets and household items, and the burgeoning realm of industrial IoT.
The rush to secure IoT devices isn't just about your personal things, as in the risk of someone hacking your future driverless car. The potential scope of an IoT security compromise is, by definition, huge. Imagine every car on the road hacked -- at the same time.
IoT exploits could also go wide and deep. Sophisticated compromises could attack your car, your phone, your home security system, your pacemaker and your coffeepot simultaneously. Imagine every coffee machine out of service on the same morning. We haven't even begun to outline the potential nightmare scenarios caused by insecure IoT devices. And I sure hope Starbucks is keeping some analog percolators on standby.
If personal physical danger isn't scary enough, think about the ease with which a single penetration of a key connected system could cause a nationwide or even global disaster. For example, a 2003 cascading power outage that affected over 50 million people in New England was triggered by a single alarm system misconfiguration. An inability to recover or reset something easily at that scale could push one into imagining a truly dystopian future.
Vulnerable with a capital V
What worries me more than the possibility of a large, direct attack is the very real likelihood of slow, insidious, creeping subversion, achieved through IoT device security breaches. And not just by one party or a single bad actor, but by many competing interests and organizations over time -- some with supposedly good intentions.
The total IoT attack surface will be too large to keep everything fully secured. In 2017, serious breaches in websites with supposedly high security went unnoticed for months -- and perhaps many haven't been noticed yet. Unfortunately, too many folks who should know better seem more concerned with ensuring backdoors are coded into large utilities than with secure IoT devices, arguing that intentional holes will be exploited only to snoop for the best of reasons.
It's clear that our IoT future will not be built on any one bulletproof standard, but will include a vast assemblage of protocols, network architectures, heterogeneous hardware or non-upgradeable vendor-controlled systems (many startups fail within a couple of years). We'll also need to contend with disgruntled employees and more than 190 countries' worth of intelligence agencies. All this rides on top of our existing stack of current IT security vulnerabilities.
And then there is us. Aren't we all hackers at heart? Who hasn't posted a not-quite-accurate status on Facebook or surreptitiously enhanced a photo? We lie to and through our technology all the time.
A playground for creative villainy
- Peeling away operator or user privacy. Losing significant individual privacy may be unavoidable, given the masses of big data already collected. Even rigorously anonymized data can sometimes be de-anonymized when there are other overlapping data sets available. With an increasing number of connected IoT devices surrounding us, each generating contextual data streams, our expectation of privacy really is in peril.
- Conducting data espionage. This could include spying on IoT data streams directly, or at a higher level discovering control schemes, underlying architectures and deployments. IoT spies will no doubt try to exploit metadata to deduce operating policies, internal groupings and key sets of "things," identifying events, and other useful intelligence without necessarily needing to break data-level encryption.
- Interrupting service. We should fully expect IoT to face many kinds of denial-of-service attacks. Perpetrators could try to flood communications, reroute protocols, block data streams, overwhelm gateways, insert undue network latencies and even physically damage devices. Have you ever been locked out of an important account because of too many password attempts? Imagine if someone got all the future IoT devices to lock you, and everyone else, out all at once.
- Corrupting data integrity. I would expect certain kinds of attacks would attempt to edit, insert or delete the data streams collected from edge devices. The point may not be to corrupt or destroy the data from any particular device, but to help perpetrate some other kind of fraud by modifying the "truth." While authentication and encryption will certainly help at one level, it may be possible to inject fake "things" into a given IoT network. Gateway data-collection points could be especially targeted, with a successful penetration enabling modification of data and control streams over whole sectors of edge devices. Without highly secure IoT devices, billions of connected things could be first physically compromised and then used to feed back fraudulent data.
- Hijacking devices. We have botnets already today that mostly just fire off tons of spam on command, so it's not hard to imagine that future hackers will try to create IoT botnets. And while outright theft or control of devices could be a goal, so would the more subtle borrowing of an IoT segment to conduct some kind of harassment, demand ransom or possibly even commit violent physical acts -- such as locking us out of our own home or intentionally crashing an autonomous car.
All hope is not lost
I have no doubt we will make mistakes, take shortcuts and ignore vulnerabilities until it's too late. But, given the size of the world's computing footprint today, we have actually been doing pretty well securing it all so far. We already have sophisticated encryption, blockchain algorithms and secure processes for authentication and auditing. As IoT communications develop, I'd expect to see new protocols emerge -- perhaps utilizing mixed path signaling for robustness and self-healing modes based on things like distributed consensus and nested multilayer security policy enforcement.
I really hope that I'll never be taken hostage by a self-driving car, have my house thermostat reset to 108 degrees Fahrenheit while I'm away on vacation or be forced to ransom back full control of my coffee machine. While all that sounds a bit far-fetched, every bit of it is technically possible. We really need to start establishing core IoT device security fundamentals.