Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

12/7/2020
10:00 AM
Emil Sayegh
Emil Sayegh
Commentary
Connect Directly
LinkedIn
RSS
E-Mail vvv
100%
0%

Avoiding a 1984-Like Future

We must not simply trust technology to be safe. Technology providers and users should agree on severe security practices, and these standards must be implemented wherever data goes.

In George Orwell's dystopian classic 1984, Big Brother is an omnipresent antagonist who leverages surveillance and technology to instill fear, enforce rules, and gain reverence from the oppressed population. Today, the world is defined by convenience, with a growing number of advanced devices listening, watching, and collecting data. We live in a near-infinite media and communications state, with growing notions of diminishing privacy and the possibility of smart technologies becoming a conduit to a 1984-style surveillance regime. New technology – from cameras to sensors and controls — exists everywhere posing the question: Are we on a trajectory toward a "digital dystopia"?

Related Content:

How to Pinpoint Rogue IoT Devices on Your Network

The Changing Face of Threat Intelligence

New on The Edge: Loyal Employee or Cybercriminal Accomplice?

Information About Everything, Anytime
The majority of devices today are interconnected, relying on Wi-Fi. They aren't all autonomous or "smart" — yet. With 125 billion new devices projected to be online in the next decade, the Internet of Things (IoT) will only become smarter, with more and more access to data. This combination is a potential conduit to nefarious activities. Add artificial intelligence (AI), machine learning (ML), and automation to the mix, and the implications of these technologies working together become clear — information about everything, anytime. This collage of information contains treasure chests of information about you and the world around you that could be leaked, stolen, and used against you —like Big Brother did in 1984 to enforce his will on his subjects.

It's Hacking Time
Data is currency. While many industries and companies are built on collecting information, hackers focus on the ill-gotten acquisition of this data. The threat is growing because most smart devices are always online. Hackers and data thieves leverage shared skills and information, and also trade tools. When the worlds of IoT data and hackers collide, data will be misused — and vulnerable businesses will emerge with their data breached and reputations bruised.

This massive IoT target exists in a world of super-fast broadband and instant voice commands, where microphones pick up the everyday lives of everyday people. It holds so much power and wields so much potential for malfeasance that corporations, governments, and consumers must consider the potential for abuse now.

The World as a Target
With the advantage of IoT, it's possible that hackers soon will become the Big Brothers of our society unless we take a defensive posture now. These "Big Hacker" figures could be shadowy figures or even a nation-state or company. Whatever form these hackers take, the world of IoT is a tempting, significant target where intruders could take information over time or in one fell swoop. 

In this world, one small slip-up could mean the end of a career or business. Hackers could quickly release private video or information; they could compromise automated security systems, turn off power, and more. History shows that the unexpected should be expected.

In IoT (Do) We Trust?
We are surrounded by increasingly smarter, more integrated devices with a level of unjustified trust that security standards and safety are high. Unfortunately, the reality is that IoT security is hugely complex, and even secure systems are a wealthy target for attack.

IoT data that could hold a negative impact in the wrong hands includes:

  • Shopping preferences and habits
  • Camera feed
  • Voice feed
  • Security systems
  • System data
  • Location info
  • Behavioral data
  • Vital signs
  • Exercise routines

This data could be captured through hacking and infiltrating central repositories of information (such as large databases) or end-user devices. Security must become the fundamental building block of every IT architecture and system, or risk falling prey to Big Hacker.

Future of IoT and Security
Protecting user data must be an overarching corporate objective, with significant industry drivers such as compliance requirements, such as HIPAA for the healthcare industry, FERPA for the education sector, and PCI for the financial technology industry. Ultimately, people are the true stewards of their sensitive information, but they often let their guard down to smart devices' convenience. Just like liberties in democracies are fragile, companies also make themselves vulnerable by not building the proper defensive security protocols for their applications.

To avoid another 1984, people must not trust technology to be safe. Technology providers and users should agree on severe security practices, and these security standards must be implemented wherever data goes.

Emil Sayegh, President and CEO of Ntirety, is an early pioneer of Cloud Computing, recognized as one of the industry's cloud visionaries and "fathers of OpenStack," having launched and led successful cloud computing and hosting businesses for HP and Rackspace.Emil Sayegh ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Kelly Sheridan, Staff Editor, Dark Reading,  2/23/2021
Edge-DRsplash-10-edge-articles
Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
Joshua Goldfarb, Director of Product Management at F5,  2/23/2021
News
Cybercrime Groups More Prolific, Focus on Healthcare in 2020
Robert Lemos, Contributing Writer,  2/22/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: "The truth behind Stonehenge...."
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Building the SOC of the Future
Building the SOC of the Future
Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-27886
PUBLISHED: 2021-03-02
rakibtg Docker Dashboard before 2021-02-28 allows command injection in backend/utilities/terminal.js via shell metacharacters in the command parameter of an API request. NOTE: this is NOT a Docker, Inc. product.
CVE-2016-8153
PUBLISHED: 2021-03-02
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none.
CVE-2016-8154
PUBLISHED: 2021-03-02
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none.
CVE-2016-8155
PUBLISHED: 2021-03-02
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none.
CVE-2016-8156
PUBLISHED: 2021-03-02
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none.