|By Ed Featherston||
|February 2, 2017 06:00 AM EST||
As I started writing this blog, I happened to be watching an episode from the new season of Black Mirror on Netflix. Black Mirror is a Sci-Fi anthology series, ala the Twilight Zone, although with a much darker perspective on both humanity and technology. I found the episode, ‘Most Hated in the Nation' somewhat apropos to my topic. The episode follows a police detective investigating the apparent murder of a columnist. This individual has been deluged with social media hate diatribes that would seem familiar to many. As the investigation continues, more mysterious deaths occur, with the victims all being targets of similar social media anger. Meanwhile, in the background, there are various news stories and visual cuts to ADIs (Autonomic Drone Insects). These tiny bee-like drones are being deployed throughout the country to replace the dying bee population, allowing for the continued pollinizing of crops.
Spoiler alert! As you can probably guess, it turns out someone was able to hack into the ADIs to pervert their actual purpose. The drones were killing the individuals in a rather gruesome fashion and the killer was using the social media hate to target his victims. There was the obligatory arguments from the manufacturers that the ADIs could not be hacked.... pause for effect...except for the back doors the government forced them to put in so the drones could be used for surveillance. Then enter the standard disgruntled employee who leveraged the back doors to make a very public and violent social statement about spewing hate in social media without consequences. (As I mentioned, Black Mirror takes a very dark view on both humanity and technology in most of their episodes.) The killer hacked millions of small intelligent devices, and turned them into weapons.
The recent Internet outage, a new kind of attack
On Friday morning, October 21, the first of several DDoS (Distributed Denial of Service) attacks on the core DNS infrastructure of the Internet on the East coast occurred. This attack caused significant outages for major internet sites such as Twitter, Spotify, Reddit, and Amazon. I was working remotely for a client and felt the impact directly. The client provides consultants access to their internal environments via Amazon Workspace. On Friday morning, we could not get access to that environment while the attack was occurring, which, as you can imagine, made for a very frustrating day.
DDoS attacks are not a new phenomenon. However, there were several key things that made this one a little different:
- Most DDoS target a specific website or company. This one targeted a key part of the internet infrastructure, DNS, provided by a particular vendor, Dyn. This resulted in it having much broader reach and impact.
- Dyn described the attack as a "very sophisticated and complex attack." As Dyn took mitigation steps against the attack, it would change, and adapt, making their efforts to respond much more difficult. They would start blocking the attack from one area, and very shortly, new IP addresses from a completely different part of the world would start attacking.
- The attack was coming from tens of millions of discreet IP addresses from around the world. In the past, these kind of attacks came from hijacked computers and laptops that had been infected with malware. This attack went further. Besides the same hijacked computers, this attack also used infected "Things" from the Internet of Things. Devices like DVR's, webcams, baby monitors, and home routers.
Mr. President, they are using our own devices against us
Okay, I admit, a little corny, but the point is a valid one (bonus points if you can identify the movie I am paraphrasing). The Internet of Things (IoT) is growing at astronomical rates. Gartner predicts that by the end of this year there will be over 6.4 billion "things" on the Internet, up 30% from last year. They estimate we are currently adding 5.5 million devices every day. A common topic of discussion and concern in the IoT space is security. As those that frequently read my articles know, this is a topic near and dear to my heart, quite literally. I have a pacemaker and insertable cardiac monitor in my chest (see my recent blog, ‘Musings on the Internet of Things - I am now a Thing'). Whenever the words IoT and Security show up in my newsfeed, I pay attention.
Most often when discussing security concerns related to the Internet of Things, the conversation tends to focus on two aspects:
- The increased attack surface: All of these devices extend the attack surface of networks, providing more potential entrée points into a corporate network.
- The potential lack of solid security implementation in these devices. Many devices still ship with standard default username/passwords, and sadly, many users never bother changing them (see my blog ‘Hacking and the Internet of Things' for some detailed descriptions of this).
This attack takes the first item of concern, attack surface, and completely flips it on its head. Instead of worrying about the devices acting as an entrée point to access data, we now have to worry about the devices being an actual tool and weapon in the attacks themselves. While not going to the extreme level of the Black Mirror episode I mentioned at the beginning, the hackers have started weaponizing our Things on the Internet. They are using them against us. The hackers are able to accomplish this in large part due to the second item of concern I mentioned. The lack of security implementations on many devices is a continuing struggle in the world of the Internet of Things. Balancing consumer ease of use with security is like walking a tightrope over a tank full of hungry sharks. Striking that balance is never easy.
No, the Things are not going to destroy civilization as we know it
This is not meant to be a doomsday prophesy. I do not subscribe to the dark view of humanity and technology displayed in Black Mirror. The Internet of Things, like any disruptive technology, has the ability to turn our viewpoints and paradigms on their heads. Last week's attack is a prime example of that. Given the raw numbers, the Internet of Things genie is out of the bottle, and there is no putting it back in. No technology negates the need for good design and planning. Those designs and plans must always include security as a key area of focus.
As technologists, we need to look at security from a different perspective. We have to think about the potential hackers differently. In the old paradigm, it was simple: protect the data, protect the boundaries of the data centers. That is still valid and needs to be done. But in addition, we need to look through the lens of disruptive technologies and work with vendors to implement stronger security measures on their devices. Work with educating end users about their use of these devices, ensuring they do not compromise them in the name of ease of use. We also need to look at other new disruptive technologies that could help in this battle. For example, machine learning is starting to be looked at as a tool that might help identify and respond to a security breach, adapting to changing attack patterns.
Ultimately, security in the world of technology is always a delicate balancing act between access, usability, and protection. It is critical to understand the risks, work with the business to educate them on the balance/tradoffs, and take the appropriate measures to ensure the proper balance is maintained. Oh, and if you hear a bee buzzing near your head, ignore it, I am sure it's nothing.
Register for @CloudExpo/@ThingsExpo 'FREE' Before Friday! ▸ Here
@ThingsExpo - The World's Largest 'Internet of Things' Event, November 1-3, 2016, at the Santa Clara Convention Center!
All major researchers estimate there will be tens of billions devices - computers, smartphones, tablets, and sensors - connected to the Internet by 2020. This number will continue to grow at a rapid pace for the next several decades.
@CloudExpo / @ThingsExpo 2016 Silicon Valley
(November 1-3, 2016, Santa Clara Convention Center, CA)
@CloudExpo / @ThingsExpo 2017 New York
(June 6-8, 2017, Javits Center, Manhattan)
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @CloudExpo | @ThingsExpo, November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be.
Register for @CloudExpo/@ThingsExpo 'FREE' Before Friday! ▸ Here
Track 1: Enterprise Cloud & Digital Transformation
Track 2: Microservices | Cloud Hot Topics
Track 3: Internet of Things & Cloud
Track 4: APIs & Cloud Security
Track 5: Big Data Analytics
Track 6: DevOps, Continuous Delivery & Containers
Track 7: Enterprise IoT & IIoT
Track 8: IoT Developer
Track 9: Consumer IoT | IoT Hot Topics
Delegates to Cloud Expo | @ThingsExpo will be able to attend 9 simultaneous, information-packed education tracks.
There are over 120 breakout sessions in all, with Keynotes, General Sessions, and Power Panels adding to three days of incredibly rich presentations and content.
Join @CloudExpo | @ThingsExpo conference chair Roger Strukhoff (@IoT2040), June 7-9, 2016 in New York City, for three days of intense 'Internet of Things' discussion and focus, including Big Data's indispensable role in IoT, Smart Grids and Industrial Internet of Things, Wearables and Consumer IoT, as well as (new) IoT's use in Vertical Markets.
About SYS-CON Media & Events
SYS-CON Media (www.sys-con.com) has since 1994 been connecting technology companies and customers through a comprehensive content stream - featuring over forty focused subject areas, from Cloud Computing to Web Security - interwoven with market-leading full-scale conferences produced by SYS-CON Events. The company's internationally recognized brands include among others Cloud Expo® (@CloudExpo), Big Data Expo® (@BigDataExpo), DevOps Summit (@DevOpsSummit), @ThingsExpo® (@ThingsExpo), Containers Expo (@ContainersExpo) and Microservices Expo (@MicroservicesE).
Cloud Expo®, Big Data Expo® and @ThingsExpo® are registered trademarks of Cloud Expo, Inc., a SYS-CON Events company.
- Cloud Expo New York Speaker Profile: Dave Linthicum – Cloud Technology Partners
- Don’t forget to register for FOSE 2013
- Streamline Health® Engages KPMG as Its New Independent Registered Public Accountants
- Red Hat U.S. Public Sector Chief Technology Strategist to Speak at NC Datapolooza
- Best CIO Practices Shared from SHI’s Customers
- Cloud Business Solutions, Social Media, and Platform Systems of Engagement Market Shares, Strategies, and Forecasts, Worldwide, 2013 to 2019
- DEvOps and SDDC Among Top 10 Strategic Technology Trends for 2014
- Application Server Market
- Commander of U.S. Cyber Command and National Security Agency Director, General Keith Alexander, To Keynote Day One of Black Hat USA 2013
- Cloud Computing: Rethinking Control of IT