Security challenges of the internet age

18 Mayıs 2017

Rapid advances in information technologies and the increase in the use of internet has created a very complex system; i.e. the “internet of things” (IoT). It refers to the connectivity of devices like refrigerators through embedded network software, enabling them to interact with the external environment via internet.

 As a result, a refrigerator can now check the food stock, follow its owner’s dietary restrictions, and order food from an online market whenever the stock is running low. There are still much to learn about IoT for the layperson. While it eases life in general, it also challenges the society at large with hitherto unheard threats such as hacking people’s lives through a refrigerator.

The already emerging challenges posed by the information flow between billions of internet-enabled devices being connected to each other is something that the international society will have to find ways to deal with. The IoT is still in its infancy, but the security challenges it poses are already substantial that NATO and several states are already looking into it.

We have witnessed several instances of the kind of havoc a possible hacking through simple devices could wreak around the globe. In October 2016, for example, a massive cyberattack targeted the U.S. based company Dyn, which provides Domain Name System (DNS) services to major websites, and caused a shutdown of the internet globally. What made this attack interesting was the usage of internet-connected devices to create the necessary traffic to shut down the servers.

Another global cyberattack, the largest ever, hit more than 150 countries and around 300,000 computer systems last week. The massive ransomware, called WannaCrypt virus, attack, which encrypts all files on the victim’s infected computer and demands payment to release them, affected several sectors globally ranging from health services to public transportation, bank systems and telecommunication. Russia was the worst affected country with nearly 65 percent of the infected computers belonging to Russian institutions such as the Interior Ministry, Central Bank, the state railway company and the telecommunication company Megafon.

While Russian President Vladimir Putin accused the U.S. of developing hacking tools, analysts from cybersecurity companies of U.S. Symantec and Russian-based Kaspersky Lab revealed that the early evidences pointed to a North Korean hacking group; The Lazarus Group. Their speculation is based on the similarities of the code used by the Lazarus Group in their past attacks such as targeting Sony Pictures Entertainment in 2014 and Bangladesh’s Central Bank in 2016.

Putin’s accusation, on the other hand, pointed at an earlier leakage of a malware by a group called ShadowBrokers, which had hacked into the servers of the U.S. National Security Agency (NSA) and stole software it used to break into computers internationally. As this became known, the NSA informed operating systems like Microsoft and Cisco to release patches to protect their users. Coincidentally, most of the computers affected from the latest attack were the ones that had not activated the patches released by Microsoft. Also, there are indications that the code developed by the NSA is used for the ransomware attack.

Although it could take months to identify the real perpetrators, as different groups regularly use each other’s code to shift the blame and avoid detection, the incident clearly underlined the fact that states are not yet ready for emerging cyber threats in a globally connected world. While traditional security threats are being gradually replaced with novel ones, the techniques developed by states to protect themselves from threats coming through the internet, also contain risks of being used by malicious groups to hit them. Such is the world of IoT.