Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

10:00 AM
Emil Sayegh
Emil Sayegh
Connect Directly
E-Mail vvv

Avoiding a 1984-Like Future

We must not simply trust technology to be safe. Technology providers and users should agree on severe security practices, and these standards must be implemented wherever data goes.

In George Orwell's dystopian classic 1984, Big Brother is an omnipresent antagonist who leverages surveillance and technology to instill fear, enforce rules, and gain reverence from the oppressed population. Today, the world is defined by convenience, with a growing number of advanced devices listening, watching, and collecting data. We live in a near-infinite media and communications state, with growing notions of diminishing privacy and the possibility of smart technologies becoming a conduit to a 1984-style surveillance regime. New technology – from cameras to sensors and controls — exists everywhere posing the question: Are we on a trajectory toward a "digital dystopia"?

Related Content:

How to Pinpoint Rogue IoT Devices on Your Network

The Changing Face of Threat Intelligence

New on The Edge: Loyal Employee or Cybercriminal Accomplice?

Information About Everything, Anytime
The majority of devices today are interconnected, relying on Wi-Fi. They aren't all autonomous or "smart" — yet. With 125 billion new devices projected to be online in the next decade, the Internet of Things (IoT) will only become smarter, with more and more access to data. This combination is a potential conduit to nefarious activities. Add artificial intelligence (AI), machine learning (ML), and automation to the mix, and the implications of these technologies working together become clear — information about everything, anytime. This collage of information contains treasure chests of information about you and the world around you that could be leaked, stolen, and used against you —like Big Brother did in 1984 to enforce his will on his subjects.

It's Hacking Time
Data is currency. While many industries and companies are built on collecting information, hackers focus on the ill-gotten acquisition of this data. The threat is growing because most smart devices are always online. Hackers and data thieves leverage shared skills and information, and also trade tools. When the worlds of IoT data and hackers collide, data will be misused — and vulnerable businesses will emerge with their data breached and reputations bruised.

This massive IoT target exists in a world of super-fast broadband and instant voice commands, where microphones pick up the everyday lives of everyday people. It holds so much power and wields so much potential for malfeasance that corporations, governments, and consumers must consider the potential for abuse now.

The World as a Target
With the advantage of IoT, it's possible that hackers soon will become the Big Brothers of our society unless we take a defensive posture now. These "Big Hacker" figures could be shadowy figures or even a nation-state or company. Whatever form these hackers take, the world of IoT is a tempting, significant target where intruders could take information over time or in one fell swoop. 

In this world, one small slip-up could mean the end of a career or business. Hackers could quickly release private video or information; they could compromise automated security systems, turn off power, and more. History shows that the unexpected should be expected.

In IoT (Do) We Trust?
We are surrounded by increasingly smarter, more integrated devices with a level of unjustified trust that security standards and safety are high. Unfortunately, the reality is that IoT security is hugely complex, and even secure systems are a wealthy target for attack.

IoT data that could hold a negative impact in the wrong hands includes:

  • Shopping preferences and habits
  • Camera feed
  • Voice feed
  • Security systems
  • System data
  • Location info
  • Behavioral data
  • Vital signs
  • Exercise routines

This data could be captured through hacking and infiltrating central repositories of information (such as large databases) or end-user devices. Security must become the fundamental building block of every IT architecture and system, or risk falling prey to Big Hacker.

Future of IoT and Security
Protecting user data must be an overarching corporate objective, with significant industry drivers such as compliance requirements, such as HIPAA for the healthcare industry, FERPA for the education sector, and PCI for the financial technology industry. Ultimately, people are the true stewards of their sensitive information, but they often let their guard down to smart devices' convenience. Just like liberties in democracies are fragile, companies also make themselves vulnerable by not building the proper defensive security protocols for their applications.

To avoid another 1984, people must not trust technology to be safe. Technology providers and users should agree on severe security practices, and these security standards must be implemented wherever data goes.

Emil Sayegh, President and CEO of Ntirety, is an early pioneer of Cloud Computing, recognized as one of the industry's cloud visionaries and "fathers of OpenStack," having launched and led successful cloud computing and hosting businesses for HP and Rackspace.Emil Sayegh ... View Full Bio

Recommended Reading:

Comment  | 
Print  | 
More Insights
Oldest First  |  Newest First  |  Threaded View
How SolarWinds Busted Up Our Assumptions About Code Signing
Dr. Jethro Beekman, Technical Director,  3/3/2021
'ObliqueRAT' Now Hides Behind Images on Compromised Websites
Jai Vijayan, Contributing Writer,  3/2/2021
Attackers Turn Struggling Software Projects Into Trojan Horses
Robert Lemos, Contributing Writer,  2/26/2021
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: George has not accepted that the technology age has come to an end.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-03-06
Wazuh API in Wazuh from 4.0.0 to 4.0.3 allows authenticated users to execute arbitrary code with administrative privileges via /manager/files URI. An authenticated user to the service may exploit incomplete input validation on the /manager/files API to inject arbitrary code within the API service sc...
PUBLISHED: 2021-03-05
The Blog module in Kentico CMS 5.5 R2 build 5.5.3996 allows SQL injection via the tagname parameter.
PUBLISHED: 2021-03-05
Deutsche Post Mailoptimizer 4.3 before 2020-11-09 allows Directory Traversal via a crafted ZIP archive to the Upload feature or the MO Connect component. This can lead to remote code execution.
PUBLISHED: 2021-03-05
ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host.
PUBLISHED: 2021-03-05
The npm package ansi_up converts ANSI escape codes into HTML. In ansi_up v4, ANSI escape codes can be used to create HTML hyperlinks. Due to insufficient URL sanitization, this feature is affected by a cross-site scripting (XSS) vulnerability. This issue is fixed in v5.0.0.