THE BLOG

The Cybersecurity Industry Is Failing And It's A Race Against Time To Fix It

16/05/2017 16:13

So it's happened again, another cybersecurity uberhack and the world reels from the chaos it has unleashed. But it's not as if it we haven't been warned.

Cybersecurity is everywhere in popular culture. Two years ago it was the theme of Spectre, the last James Bond film, and is a major thread through mega TV shows such as Mr Robot and House of Cards.

German writer Marc Elsberg's 'cybersecurity thriller' Blackout has sold more than a million copies, a figure set to rise after it was finally translated into English earlier this year; five years after its original publication.

In the book, a loose bunch of cyber-anarchists lay malware across the electrical grids of European countries, all initiated by the hacking of just three domestic Smart Meters in Italy, Austria and Sweden.

Blackout
tells of a totally feasible scenario where nuclear reactors melt, hydroelectric power plants totter and dependent national grids fall down. Within a week Europe is on its knees.

Unfortunately, life now appears to be imitating art and the non-stop connection of IoT devices mean the whole cybersecurity industry is in a similar (and very current) race against time to save the world from catastrophe.

The big story, of course, was the Mirai DDOS botnet attack at the end of last year when, movies, TV shows and books notwithstanding, the general populace suddenly realised how vulnerable the so-called Smart Home was.

Since then, the attacks have continued. 'Smart' vending machines at US colleges have been attacked, as have 'smart' light bulbs in corporations. These break-ins have become portals for further attacks that have attempted to steal and acquire all of the West's ideas and IP.

Now it's WannaCrypt ransomware, next week it will be something else.

The internet is infected and every day its suppurations are worsening, even as the stable door is being hastily closed after the big, bad horse of theft has bolted.

That's how it is and as institutions finally realise what idiots they were to leave the door open and tighten their security, the Smart Home is where the hackers are coming next.

This Smart Home is clearly a dumb one with insecure devices and minimum password protection mixing with little interoperability. While many are blaming the consumer for not protecting their content, the device manufacturers are the organisations culpable for this imperfect storm.

The consumer is clearly not to blame, it's the device makers in the consumer cybersecurity ecosystem that should be on trial for bringing about such a situation.

Like the hackers in Blackout, they can't believe their luck at how easy it all is, how complacent and lazy utility companies across the world were with their security. Elsberg's book has become so influential over the past five years that he completely changed the utilities industry... for the better.

Maybe the Mirai botnet did the same for the IoT industry or the so-called Security of Things (SoT) business, without the need for creative or poetic license, just a terrifying reminder of how vulnerable the Smart Home is.

At CES earlier this year, there were several products that will be launching this year promising to fill in the holes of the Smart Home. The Smart Home Cybersecurity industry is wise to the threat and releasing products that show promise.

The bad news to this good news is that they are still competing with each other. Co-operation and interoperability seem as far away from universal regulation as the current state of boxing's various bodies.

One boxing belt is not recognised by another regulatory body, but in this case the industry is blaming the boxers for not being serious enough.

Time, indeed, is running out to get this problem solved. The end user is always going to want something that works and makes their life easier, he or she doesn't doesn't care about that platform it's running on; they just want it to be safe.

Elsberg's Blackout book is a work of fiction, but the vulnerability of only ONE house, such as a Dumb Meter, showed how easy it is to bring down the world.

If we truly want to save the world from this possible ruin, cybersecurity stakeholders need to start talking to each other, as quickly as possible.

Otherwise Elsberg's book will become a reality and the example of the failure of electricity and all of its concomitant parts, may spell the failure of the human working with a clean machine.

Comments

CONVERSATIONS