Have you noticed something about the companies that lecture us about the need for speed, innovation and agility? They’re always the ones that move with all the pace and grace of Laurel and Hardy shifting a piano up a long staircase.
As Oliver Hardy might say: “Don’t stand there mouthing catch phrases. Why don’t you do something to help me?”
If you’re looking for a business model that’s fast and fluent, you could do worse than to emulate the criminal community. If we can park their questionable morals to one side, it has to be said they run a very tight ship. They are inventive, well organised and efficient — ruthlessly at times. The Mafia has its Trusted Advisor and Premier Partners – they call them Goodfellas, says Nick Booth, freelance IT and communications writer.
Cyber larceny has minimal latency. By the time detectives get a warrant to search a house, their targets are several paradigms away, according to IT crime fighting expert, Catalin Cosoi. As chief security strategist for security firm Bitdefender, Catalin spends a lot of time juggling cases. “In the cyber world you need to act within the hour,” he says. Sadly, laws and jurisdictions don’t work accordingly.
So, the IoT industry offers a tremendous opportunity for cyber crims. Kit manufacturers are so busy assembling cameras and sensors and comms devices that they just don’t have time to assign a decent password to each. They can’t even spare a second to put a note in with each device, warning the owner to change the default ‘Welcome’.
In effect, they are sending out millions of open invitations to the world’s cyber criminals. They’re like teenagers organising a party in their parents’ house on Facebook – they don’t seem to care how many rogue elements are out there. In fact, it’s 16 times worse on the IoT, because the average household has at least 16 gadgets with IP addresses that can accommodate criminal code.
This is why Ransomware is the weapon of choice scene for today’s aspiring violators, according to Bitdefender’s senior e-threat analyst Bogdan Botezatu. Nobody robs banks any more – financial malware is becoming a thing of the past, he says. You’d get laughed off the Dark Web if you turned up on a forum with a metaphorical stocking over your head. Ransomware is the height of fashion now.
While this relatively new crime is like the malware threat on steroids, the killer botnets are an even more ominous development, says Botezatu. On the dark web, sales of the tools for these IoT heists are going through the roof. There are 14 million new pieces of malware created every month and 400,000 new threats every day.
One of Bitdefender’s tasks now, as well as making systems to nip these awful algorithms in the bud, is to monitor and share intelligence with the world about IoT attacks as they happen.
Bitdefender saw the Mirai bonnet coming in advance – which was why it took the precaution of creating the Bitdefender Box to defend against it. Routers are no longer the problem, so this device offers a sort of filter to stop malware before it gets onto the network attached storage (NAS), the nodes and the other IoT devices in the house. However, it’s a risk creating a solution to a problem that hasn’t emerged yet, and it was a big leap of faith to create this new system.
“It wasn’t perfect – but it was one of the first of its kind,” says Botezatu. It’s the insight into the latest inventions in the Internet of Crims that the IoT sector really needs. Bitdefender now has intelligence on IoT attacks as they happen. It has a live feed that maps the latest beta cyberthreat as they happen.
IoT mostly runs on a stripped-down version of Android and the problem is that device makers – especially the Android mob – are very segregated. “It would be great to get programming interfaces with the devices being made, so we can run more efficient directly on each device,” says Botezatu. But sadly, the manufacturers have other priorities.
So, in crime fighting terms, the security of the IoT advances at the pace of two slapstick comedians carrying a piano up a long staircase. Meanwhile, the criminals are clambering in and out the windows with ease. Hey, device makers, why don’t you do something to help us?
The author of this blog is Nick Booth, freelance IT and communications writer
Comment on this article below or via Twitter: @IoTNow_ OR @jcIoTnow