We never intended for this blog to become focused on security, but unfortunately recent events have highlighted the problems that we face on a daily basis in this ever more-connected world. If we want to move forward with ‘The Internet of things’ concept, where more and more devices become connected to the internet, then we need to start taking security a lot more seriously.
Seeing Security Seriously
In recent weeks, we have seen viruses, cyber-attacks and security breaches from big players like Dropbox, Yahoo, KCOM, Three, TalkTalk, the Post Office, the National Lottery and even the NHS. We have heard about hacked CCTV cameras, web cams and routers being used to attempt to bring down the internet. One thing is very clear: Tech companies need to get serious about the risks. We were appalled to hear that TalkTalk, upon being presented with a list of router SSIDs and login details stolen in the recent cyber hack, refused to back down on their statement that their customers were not at risk and need no change their security credentials!
Why do hackers exist?
The simple answer is that people hack because they can. Many hackers are out to prove a point and there is a strong argument that these sorts of things should take place, not that we would ever condone hacking or stealing of data, however, as a society we need to take this sort of thing more seriously, many of those who are finding these vulnerabilities and pointing them out are not looking to cause direct damage but they are trying to prove a point which is actually the same one we are making, that the big faceless corporations need to start taking this seriously. Unfortunately this is often not moderated and ends up causing direct damage and disruption, often to people who are not directly responsible for the poor processes that lead to vulnerabilities existing.
There are of course the highly organised criminal elements who hack to steal. This can be government espionage, industrial espionage stealing other companies secrets or it could be funding other criminal activity or for use in ransom or other manipulation of individuals or corporations.
Companies Cutting Corners
These attacks are happening too often, and we know that only the tip of the iceberg is reported in the press. The Dropbox hack, for example, took several years to come into the open. We think these big companies have a social and moral responsibility to address the vulnerabilities. As technology rolls forward and the pressure is there to innovate and produce the next big thing, there is increasingly a seeming lack of controls, checks and balances: corners are being cut. Remember Samsung’s melting phone batteries and Apple’s bending iPhones?
What is the future for the ‘Internet of Things’?
As a technology company known for innovation, Digitalquill wanting to push forward to a future where everything is connected, but currently that future looks bleak. For example the recent news that Apple, Ford and Google are working on self-driving cars. How can we trust self- driving cars when we can’t get routers that are hacker proof? Hackers would not need to hack and take ‘control’ of these sorts of systems, all they would need to do is find a weak point to disrupt sufficiently to cause the rest of the system to crash.
The Zyxel Router Hack
This seems to be a new tactic, the recent KCOM internet outage was not caused by an attack on KCOM themselves. Hackers exploited a weak point which in turn caused a knock-on effect like a wave across the whole network and could have taken a full city off the internet map in one fell swoop. Similarly in Germany, the same hack cost 900,000 Deutsche-Telekom users their internet connection for weeks. A targeted attack could cripple the national infrastructure all for the sake of not changing default router passwords!
How to keep homes and businesses safe from Cyber Attacks
While most of our frustration is directed at the manufacturers of the products and the ISPs for failing to take security seriously, some responsibility has to be taken by the consumer. We all want ever cheaper technology. We put the tech companies under pressure to constantly upgrade and improve their products and all-the-while we expect the costs to fall lest that company is seen to be falling behind.
Digitalquill Cybersecurity Experts in Hull and East Yorkshire
We will continue to highlight the problems we find and recommend solutions, but the thing you can do today to improve your cyber security is to arrange for a cyber-security healthcheck for your business. Digitalquill are experts in the field and we can help you combine policy, software and hardware to reduce the risks to your business.