What you should do
computers – in the form of devices – connected to the internet,” said Matthew Green, an associate professor of computer science at Johns Hopkins University.
This interconnectivity is known as the Internet of Things, he said.
“These computers are all vulnerable,” Green said. “They all have software running on them and unfortunately, not all of it was written by the best software developers. And to make matters worse, the software often doesn’t get updated.”
Both Schneier and Green pointed to the largest distributed denial-of-service attack, which happened in October 2016 and infected computers with malware, known as botnets, to bombard servers with traffic until they collapsed.
Hackers took down Twitter, Netflix, Reddit, CNN and many other websites around the world for almost an entire day, both Schneier and Green said.
What was the innocuous conduit for accomplishing this majorly disruptive feat?
Webcams, DVRs and home internet routers with weak passwords and poorly written software – much like the ones you and I have in our homes today.
The problem, Schneier said, is that, “You have no way of knowing if your device is affected by this (or any other) botnet and you kind of don’t care. And there is no way to patch it. It will be a member of that botnet until you throw it away, which could be a decade from now.”
He added, “Once computers start affecting the world in a direct and physical manner, there are real risks to life and property. And the market won’t resolve this.”
Think disabled cars, purposely interrupted pacemakers and the shutdown of electrical grids.
There are only two ways to fix the problem.
Customers must demand it, which, Schneier asserts, won’t happen because cus- tomers don’t really know what’s going on. Governments also should pass laws ensuring that device manufacturers build and update their products to reduce software vulnerabilities, he said.
So, why is it that everything seemingly is moving toward becoming a part of the Internet of Things?
Because it’s cheaper to make appliances and other devices with smart technology than not, Schneier said.
“Today, the cheapest way to make a refrigerator (or any other appliance or electronic device) is to grab a general purpose CPU chip off the shelf and build all
A
A
A
A the functionality into the software,” he explained. “But that CPU chip comes with internet connectivity, messaging services, video software, a microphone – whether the manufacturer wants it or not.”
What can consumers do to protect against a hack?
“It’s really, really hard to know what software is running on smart devices like fridges, ovens, thermostats, doorbells and in smartphone apps (to name just a few),” Green noted. Schneier’s guidance? “Demand that the government regulate this,” he said.