TALKING BUSINESS
STEPHEN BRENNAN Senior Vice President of Cyber Network Defence , DarkMatter
ABOUT THE AUTHOR
Stephen Brennan is Senior Vice President , Cyber Network Defence of DarkMatter . He can be contacted on Twitter handle @ StephensLogic
To put this another way , consider an apartment building with 10 apartments and 10 different physical front door keys and locks . If you want to rob all 10 apartments , you need to steal the keys or break the locks on 10 different doors . Imagine , however , if they all used the same key to open their front doors . Even if every apartment owner protected their keys with a team of armed guards , the potential opportunity of being able to access not just one apartment , but all 10 through a single key , would make the incentive to overcome the guards enormous .
Exploits for these chips and operating systems don ’ t have to be easy ; the devices they run on just have to be ubiquitous enough to be worth the trouble .
Commoditised chips So this is how we end up in an environment where millions of IoT devices could be compromised for the successful DDoS attack against Dyn , which took many well-known US and global websites offline for hours at a time .
The thing is , millions more devices with these same vulnerable , commoditised chips and operating systems sit on store shelves across the globe , and
INNOVATIVE AND SCALABLE SOLUTIONS THAT MEET THE NEEDS OF THIS EMERGING MARKET SUCH AS BLOCKCHAIN AND PUBLIC KEY INFRASTRUCTURE WILL COME IN TO PLAY TO ENSURE DEVICES CAN BE SECURE AND TRUSTED ONCE THEY LEAVE THE FACTORY AND LONG INTO THE FUTURE
they continue to be made in factories from China to Chile . Even with the announcement of global recalls from certain device manufacturers , the immediate solution doesn ’ t lie with throwing away these devices ; it lies in a very different approach , both from industry and consumers .
This is where we as consumers – whether individuals , SMEs , enterprises or nation states – can directly influence the security of these devices by changing the incentives for their manufacturers . As the target consumers for a vast majority of these devices , we can vote with our wallets .
We can begin to choose – demand even – that manufacturers stop using commoditised and insecure chips and operating systems . We can favour those that certify that their devices have higher security using the highest level of testing and validation . Innovative and scalable solutions that meet the needs of this emerging market such as blockchain and Public Key Infrastructure will come in to play to ensure devices can be secure and trusted once they leave the factory and long into the future .
This may make devices more expensive . But just as we pay a little bit more for our cars so that they contain equipment to clean the exhaust , and thus deliver healthier air and a cleaner environment for everybody , so too does thinking about and researching our choices – and in some cases paying a bit more for our smart devices – deliver a safer internet for us all .
I ’ d certainly be willing to pay a few more dirhams for my fridge if that gave me more confidence that the only thing it could freeze was my ice . www . intelligentcio . com INTELLIGENTCIO
31