Tech companies are eager to innovate to stay ahead of their competitors and anticipate their customers' needs. However, just as fast as they come up with new software, apps and gadgets, hackers come along to mine their efforts and find a way to take advantage of them for malicious purposes.
On the bleeding edge of technology innovation, Internet of Things (IoT) projects are the apple of many companies' eyes. While these companies invest in taking connectivity to the next level, cybercriminals spend their time planning on how to rain on their parade. This is why some of these companies are working closely with researchers that hack their own products before someone else does.
Most recently a large car manufacturer announced a recall on one of their cars to fix issues found by researchers. Thankfully, the problems were found by controlled experiments and consumers were not affected. However, realising that a hacker could use technology to steal a car or even cause a fatal accident is truly shocking.
Even the simplest inventions are being targeted. Amazon invented a dash button that does only one thing: you press it, and it will automatically order that one product it is linked to. Well, not anymore. Apparently a researcher already found a way to hack it to do several other things. He tracked the signal that the dash button sends to the network and altered it with a script. When any vulnerability like this is exposed, it doesn't take long until some hacker finds a malicious way to exploit it.
Cybercrime is unfortunately pervasive at all levels. The only way to counterattack it is to bring security to its rightful place at the heart of every technology - as a vital piece, not an afterthought. Thankfully, companies are starting to realise they cannot gamble with security and changing their processes to improve security before it affects their customers, not after. It is definitely good progress but it needs to be brought in even earlier than that.
It may sound far-fetched right now, but security needs to be incorporated to the tech innovation process, from its very early stages. When security becomes part of the initial concept of a product, it may still not completely prevent a breach but at least it is built to minimise damages.
Car maker Tesla recently made the news after being targeted by researchers/hackers. Even though they were able to gain access to the car entertainment system, they could not reach the engine as these two systems are isolated from each other. Furthermore, the way the car mechanics was built minimises potential damages. Even if one was able to virtually access the engine and stop the car, the car operates in a way that when the engine stops, safety features still function. The driver would not lose control of the steering wheel, brakes would still work and so would air bags.
If from the very beginning, companies are aware of which parts of their solutions and products are more exposed, they can build in ways to mitigate risks and control the damage, just as we would in the 'physical' world.