Former Intelligence Senior: “Internet of Things” Increases Threat to Infrastructure

Former Intelligence Senior: “Internet of Things” Increases Threat to Infrastructure

This post is also available in: heעברית (Hebrew)

A  simple Web search can reveal information from thousands of unsecured devices. Even the casual browser can access camera data from Sweden, video game server activity in Eastern Europe, or the output of American wind turbines, according to to former Director of National Intelligence Dennis Blair, who spoke at the annual strategic conference at the  Center for Cyber and Homeland Security at George Washington University.

According to Homeland Security News Wire, experts from across the public and private sectors gathered at the conference, titled “Securing our Future,” to discuss the evolution and future of cyber, homeland and national security.

Adm. Blair says this information is as easily accessible to terrorists and other criminals. And more will become available as the “Internet of things” — the collection of physical systems and devices connected to the Internet — grows in size. “Overall, the ‘Internet of things’ will hurt [cyber security professionals] more than help us,” Blair cautioned. “It will make our jobs more difficult.”

Every device on the “Internet of things” could be an “attack path” to the larger systems with which those devices are integrated, Adm. Blair warned. An unsecured power monitoring system in an individual household, for instance, could give a hacker access to its associated regional power grid.

The development of the “Internet of things” is fortunately slow enough that developers have time to address some of these issues, Blair said, “but not if security is an afterthought.”

Deputy Secretary of Homeland Security Alejandro Mayorkas, who delivered the morning keynote, pointed out essential differences between cyber security and other law enforcement priorities: While traditional law enforcement focuses on finding and punishing specific criminals, for instance, Mayorkas said that apprehending perpetrators “may be less important than ensuring that the victimization is not replicated” when it comes to cybercrime.