IoT Brings with it Po­ten­tial State-funded Cy­ber Crimes

Distinguished Magazine - - Contents - SURANGAMA GUHA ROY

Over re­cent months, it has be­come in­creas­ingly clear that IoT runs the po­ten­tial risk of be­ing ex­ploited by na­tion-states, and not al­ways in a good sense. Over the past decade, tech­nol­ogy has made the im­pos­si­ble, pos­si­ble, quite lit­er­ally. The in­ter­net of things (IoT) has made real what would have been con­sid­ered a mere piece of fic­tion even a few years ago. A mul­ti­tude of in­ter­net con­nected de­vices have made our lives eas­ier, and of course, faster; as we move be­yond the in­for­ma­tion age, tech­nol­ogy dom­i­nates our ev­ery­day lives like never be­fore.

Yet, with mil­lions of dig­i­tally con­nected gad­gets and the sheer quan­tity of data that gets trans­ferred every one tenth of a se­cond, no won­der there are gap­ing holes in se­cu­rity, mak­ing safety a pri­mary con­cern in the in­ter­net ecosys­tem. Over re­cent months, it has be­come in­creas­ingly clear that IoT runs the po­ten­tial risk of be­ing ex­ploited by na­tion-states, and not al­ways in a good sense.

Gov­ern­ment sur­veil­lance, al­beit the un­der­ly­ing theme of nu­mer­ous con­spir­acy the­o­ries over the years, is of course real, and has been so for decades. Yet, with tech­nol­ogy evolv­ing and be­com­ing more cut­ting edge, sur­veil­lance has taken newer and pre­vi­ously un­think­able forms. For in­stance, state backed hack­ers are not only tar­get­ing data from gov­ern­ment agen­cies that could be rel­e­vant for the na­tion’s se­cu­rity, but even in­dus­trial en­ter­prises and com­mer­cial net­works, thus leak­ing con­fi­den­tial in­for­ma­tion that would harm the or­ga­ni­za­tion, and sub­se­quently the coun­try to which it be­longs.

Ac­cord­ing to Robert Han­ni­gan, for­mer direc­tor gen­eral of the Gov­ern­ment Com­mu­ni­ca­tions Head­quar­ters (GCHQ), UK, “We are see­ing a cross over be­tween na­tion-states and crim­i­nal groups act­ing on their be­half, some­times with the same peo­ple work­ing on na­tion state cy­ber ac­tiv­i­ties by day and crim­i­nal ac­tiv­i­ties by night.”

In re­cent years, cy­ber-at­tack in­ci­dents came in the shape of the un­prece­dented Wan­nacry ran­somware that ripped through Mi­crosoft Win­dows op­er­at­ing sys­tems glob­ally in 2017. The ma­jor brunt of the hack­ing was borne by the Na­tional Health Ser­vice (NHS), UK, as hos­pi­tals and health care fa­cil­i­ties across Eng­land and Scot­land were some of the worst hit. Other coun­tries that were af­fected by the mal­ware in­cluded Tai­wan, Rus­sia, Ukraine and In­dia. Over the past months, the United States ad­min­is­tra­tion ac­cused North Korea of hav­ing un­leashed the at­tack. Sim­i­larly, other coun­tries like Rus­sia and Iran are ru­mored to be ma­jor play­ers in launch­ing cy­ber-at­tacks around the world.

Fur­ther­more, em­bold­ened by so­phis­ti­cated cy­ber tool­kits, state-funded hack­ers have started en­croach­ing into the per­sonal space of other hack­ing groups. For this they make use of the pas­sive stance, such as eaves­drop­ping and in­ter­cept­ing com­mu­ni­ca­tion, as well as the ac­tive stance, for in­stance send­ing mal­ware, Tro­jans and the theft of data and sen­si­tive in­for­ma­tion. The cy­ber war­fare be­tween hack­ers makes it all the more dif­fi­cult for cy­ber­se­cu­rity pro­fes­sion­als to en­sure safety.

More re­cently, a warn­ing has been is­sued jointly by the US and the UK against pos­si­ble Rus­sian cy­ber-at­tacks that could pen­e­trate not only into gov­ern­ment agen­cies and pri­vate or­ga­ni­za­tions but also into pri­vate homes and of­fices. What had un­til now been con­fined within cer­tain se­lected sec­tors, is now grad­u­ally seep­ing into the most per­sonal do­mains of in­di­vid­u­als.

No one then, not even pri­vate cit­i­zens, are im­mune from be­ing tar­geted by ma­li­cious state-spon­sored cy­ber-at­tacks. Some of the fore­most cor­po­ra­tions in the world are ad­dress­ing chal­lenges of cy­ber-at­tacks in their own ways. For in­stance, Mi­crosoft has in­vested 1 bil­lion dol­lars an­nu­ally for cy­ber se­cu­rity. It is vi­tal to ap­ply best prac­tices that would be able to tackle the con­tin­u­ally evolv­ing tech­nol­ogy that is at the ser­vice of the per­pe­tra­tors.

There are two sides to every coin. The un­be­liev­able evo­lu­tion of tech­nol­ogy, es­pe­cially with the ad­vent of IoT, has made cy­ber­se­cu­rity manda­tory, just as it has made pos­si­ble a bet­ter, more ad­vanced way of life. While the idea of cy­ber­se­cu­rity is still largely mis­un­der­stood by the com­mon man, the fact re­mains that the threats that ex­ist in the cy­ber land­scape could have more se­vere ram­i­fi­ca­tions in hu­man life, than those ex­ist­ing in the phys­i­cal world. It is bet­ter, there­fore, to ap­pre­ci­ate the po­ten­tial dan­gers of the in­ter­net, and en­force cy­ber se­cu­rity for a safer fu­ture, es­pe­cially in a world where na­tion-states have gained unimag­in­able power over their own cit­i­zens.

Newspapers in English

Newspapers from India

© PressReader. All rights reserved.