https://www.iotworldtoday.com/wp-content/themes/ioti_child/assets/images/logo/IoTWorldToday-mobile-logo.png
  • Home
  • News
    • Back
    • Roundups
  • Strategy
  • Special Reports
  • Business Resources
    • Back
    • Webinars
    • White Papers
    • Industry Perspectives
    • Featured Vendors
  • Other Content
    • Back
    • Q&As
    • Case Studies
    • Features
    • How-to
    • Opinion
    • Podcasts
    • Strategic Partners
    • Latest videos
  • More
    • Back
    • About Us
    • Contact
    • Advertise
    • Editorial Submissions
  • Events
Iot World Today
  • NEWSLETTER
  • Home
  • News
    • Back
    • Roundups
  • Strategy
  • Special Reports
  • Business Resources
    • Back
    • Webinars
    • White Papers
    • Industry Perspectives
    • Featured Vendors
  • Other Content
    • Back
    • Q&As
    • Case Studies
    • Features
    • How-to
    • Opinion
    • Podcasts
    • Strategic Partners
    • Latest videos
  • More
    • Back
    • About Us
    • Contact
    • Advertise
    • Editorial Submissions
  • Events
  • newsletter
  • IIoT
  • Cities
  • Energy
  • Homes/Buildings
  • Transportation/Logistics
  • Connected Health Care
  • Retail
  • AI
  • Metaverse
  • Development
  • Security
ioti.com

Security


Wikipedia

Planet of the Apes

Could IoT Hacks Lead to a Planet of the Apes Scenario?

What’s the worst thing that could happen with IoT security? The U.S. Cyber Defense Advisor to NATO fears an IoT-induced Armageddon.
  • Written by Brian Buntz
  • 30th March 2017

Not long ago, if you went around saying that your TV was spying on you, most people might question your grip on reality. But what sounded like a conspiracy theory yesterday has become a reality for many. Sci-fi programming you might see on TV might be a harbinger of what’s to come with technology. In February, Vizio was fined $2.2 million for gathering consumer data without their consent. And earlier this month, WikiLeaks released secret documents indicating that CIA had hacked Samsung smart TVs to transform them into covert microphones.

At the IWCE conference in Las Vegas, Curtis Levinson, United States cyber defense advisor to NATO, explained that the vast majority of Internet of Things devices sitting on the public internet are vulnerable to an array of cyber-exploits. And many of those “things” can be weaponized. Smartphones can transform into full-color, full-motion bugging devices. Self-driving cars could be programmed to crash. The electrical grid could be knocked offline. There’s seemingly no limit to the possibilities. “My general rule is: If I can think of it, somebody else is already doing it,” Levinson said.

Unless we protect our ‘things,’ we are going to get to the Planet of the Apes.

What was most eye-opening about Levinson’s talk, however, was his conclusion: “Unless we protect our ‘things,’ we are going to get to the Planet of the Apes,” he surmised. Technological vendors are deploying IoT technology exponentially faster than they are protecting it.  

Cybersecurity experts are trained to think in terms of worst-case scenarios and, in his talk, Levinson easily rattled off an array of examples of IoT security vulnerabilities.

Take self-driving cars, for instance. “You wouldn’t get me into a self-driving car on a bet,” Levinson said. “I know how easy it is to hack those things, so it starts veering off course. It is connected to the internet, and the current realm of self-driving cars are not firewalled.”

Connected cars that lack autonomous functionality have long been at risk as well. Levinson stated that Mischel Kwon, the former director of the United States Computer Emergency Readiness Team (US-CERT), investigated automotive cybersecurity over a decade ago and gained remote access to cars at a nearby dealership. “She did this with the dealer’s full permission—because he didn’t believe it was possible—she started the motor of eight cars, unlocked them, rolled down the windows and even changed the radio stations. She got her master’s, but it was pretty shocking,” Levinson recalled.

Ultimately, any type of connected vehicle is at risk. The Las Vegas monorail is driverless and is, therefore, hackable. “It’s kind of frightening if you bump one train into another or all of the sudden reverse [them]. Very difficult to protect,” he said.  

Municipal infrastructure is one of the gravest threats. “Water treatment plants are highly automated. Their industrial control systems sit on IP addresses on the public internet and they are not firewalled and very often not protected,” Levinson said. A hacker looking to do harm to a city would only need to, say, turn off the water, change the water distribution pattern, or modify the water pressure. “Heaven forbid, they could do something like allow bacteria into the water and then distribute it,” Levinson stated.  

“I agree that a lot of bad things can happen to our infrastructure,” says Chris Kocher, co-founder and managing director of Grey Heron, who also spoke at IWCE. But Kocher prefers to envision specific risk scenarios. “I think there are some major things that could be pretty detrimental like controlling a dam to reduce massive amounts of water and creating floods, destroying an energy plant (gas, coal, or other) that creates huge explosions and the loss of power or water to thousands of people for months or years while rebuilding.”

[The topic of IoT security is a key item on the agenda at Internet of Things World in Santa Clara this May. Check out the agenda for the world’s biggest IoT event.]

Ultimately, the notion of rampant cyberwarfare resurrects concepts from nuclear policies developed during the Cold War. “Concepts of commensurate response come into effect (a tit for tat approach where you take one of mine, I’ll take one of yours),” Kocher explains. “But if you just destroy a power plant, I don’t destroy an entire city as that would not be commensurate.”

Another concept, Mutual Assured Destruction (MAD) is also at play here. “I think this prevents the Planet of the Apes scenario,” Kocher says. “If all sides have the ability through cyber or military means to wipe out or severely retaliate against an opponent, than no one wants to take the first step because they know the other side may completely destroy them in a mutual assured destruction scenario.” The challenge, of course, is that the Cold War strategies and understandings in effect between a limited number of superpowers in the past may no longer be relevant if rogue states or non-state actors become active, Kocher explains. This becomes even more complex as it is often difficult or impossible to definitively know where a cyber attack originated.

While any IoT has potential vulnerabilities, the risk levels vary widely. “Some IoT devices are pretty locked down with HW security, encryption, firewalls etc. Doesn’t mean it is impossible to hack them but could be very hard,” explains Kocher. “Unfortunately some are ridiculously simple as they come with default passwords and many people don’t reset them.”

The fact that many IP cameras, routers, and DVRs on the market use default passwords is part of what enabled last October’s crippling Mirai botnet. “Apparently on some of those cameras, there was not even any security,” Kocher explains. “As security experts always point out, the challenge with IoT, like any system, is that  they are only as strong as the weakest link.”

With cyberwarfare becoming fodder for prime-time news, science fiction plots can sometimes serve as a harbinger of things to come. After all, sci-fi authors have been warning of the post-apocalyptic possibilities of technology escaping the control of its owners for decades. The Internet of Things expands this potential reality.

In the near term, it is clear that IoT security is facing something of a perfect storm. As Kocher explains: “First, there are more devices available to be hacked; second, many are not locked up in a back office or data center but out there in people’s homes, cars, appliances and on their bodies in wearables; third, the data in some cases is extremely valuable and personal; fourth, everything is connected, as that is by definition what IoT assumes, which means if I can get in somewhere I can start accessing all kinds of remote systems; and finally, many of the devices have very low security barriers creating many weak links in the IoT security chain.”

Tags: Article Security Technologies

Related Content


  • Caltech campus
    Robots Could Gain Sense of Touch, With New Artificial Skin
    New design can help businesses determine the presence of hazardous materials, offer greater safety for workers
  • Clearview AI Fined $9.4M Over Facial Data Scraping
    The company was ordered to delete any data it held on U.K. citizens.
  • Microsoft Ramping up Cybersecurity Service Offerings
    Three new managed services will boost the company’s presence in the security space
  • IoT Product Roundup
    IoT Product Roundup: PTC, Nokia, Arm and More
    All the latest Internet of Things products

Leave a comment Cancel reply

-or-

Log in with your IoT World Today account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Latest News

  • Unmanned Robotic Combat Vehicle Being Tested
  • Image shows a Close up of lens on black background
    Carnegie Mellon Researchers Invent System to Find Hidden Cameras
  • STMicroelectronics
    STMicroelectronics, Microsoft Partner to Develop IoT Security Solutions
  • Image shows IoT (Internet of Things) concept.
    IoT Product Roundup: Amazon, Synaptics, Urban Control and More

Roundups

View all

IoT Product Roundup: Canonical, InfluxData, Wiliot and More

23rd June 2022

IoT Product Roundup: Cisco, Telit, Draganfly and More

9th June 2022

IoT Deals, Partnerships Roundup: Google, Arm, Senet and More

26th May 2022

White Papers

View all

The Role of Manufacturing Technology in Continuous Improvement Ebook

6th April 2022

IIoT Platform Trends for Manufacturing in 2022

6th April 2022

Latest Videos

View all

AI Summit 2022: easyJet’s Ben Dias on AI in Aerospace

The company’s director of data science and analytics talks about the industry’s use of AI.

AI Summit 2022: Bob Compton, CIO of Mobilize Financial Services

Compton talks about some of the biggest business challenges with AI

E-books

View all

How Remote Access Helps Enterprises Improve IT Service and Employee Satisfaction

12th January 2022

An Integrated Approach to IoT Security

6th November 2020

Webinars

View all

Rethinking the Database in the IoT Era

18th May 2022

Jumpstarting Industrial IoT solutions with an edge data management platform

12th May 2022

AI led Digital Transformation of Manufacturing: Time is NOW

9th December 2021

Special Reports

View all

Omdia’s Smart Home Market Dynamics Report

7th January 2022

Cybersecurity Protection Increasingly Depends on Machine Learning

28th October 2020

IoT Security Best Practices for Industry and Enterprise

20th October 2020

Twitter

IoTWorldToday, IoTWorldSeries

IoT Deals and Partnerships Roundup: Sony, Emnify, Nexxiot and more dlvr.it/STBT4j https://t.co/F9miX0gvkV

1st July 2022
IoTWorldToday, IoTWorldSeries

AI Summit 2022: easyJet’s Ben Dias on AI in Aerospace dlvr.it/ST9SXq https://t.co/ZFAoLpy4v5

1st July 2022
IoTWorldToday, IoTWorldSeries

#Selfdriving tech leaders urging @CAgovernor to allow #autonomous trucks to operate in the state. #AVs @Waymo… twitter.com/i/web/status/1…

30th June 2022
IoTWorldToday, IoTWorldSeries

Wimbledon 2022: AI Operations Inside the Control Room  dlvr.it/ST6sQs https://t.co/dXvyIjtuJD

30th June 2022
IoTWorldToday, IoTWorldSeries

AI Summit 2022: Bob Compton, CIO of Mobilize Financial Services dlvr.it/ST4sVs https://t.co/1dq3tbwycl

29th June 2022
IoTWorldToday, IoTWorldSeries

Vodafone Hints at IoT Spinoff dlvr.it/ST46FV https://t.co/5SNxgkK9yN

29th June 2022
IoTWorldToday, IoTWorldSeries

Autonomous Helicopter Takes off in Canada dlvr.it/ST3sPr https://t.co/OA9RA1XJcY

29th June 2022
IoTWorldToday, IoTWorldSeries

AI Summit 2022: AutoTrader’s Nick King dlvr.it/ST3Ylw https://t.co/XgT5qZtme1

29th June 2022

Newsletter

Sign up for IoT World Today newsletters: vertical industry coverage on Tuesdays and horizontal tech coverage on Thursdays.

Special Reports

Our Special Reports take an in-depth look at key topics within the IoT space. Download our latest reports.

Business Resources

Find the latest white papers and other resources from selected vendors.

Media Kit and Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • IoT World Series
  • Channel Futures
  • RISC-V
  • Dark Reading
  • ITPro Today
  • Web Hosting Talk

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Login/Register

FOLLOW IoT World Today ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookies Policy
  • Terms
Copyright © 2022 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X