We are all doomed in the Internet of Things – and what we may can do to have a narrow escape.
Dramatic headline. I know. First of all: don’t panic.
As it makes sense to act headless facing the more and more unsecure landscape of the Internet of Things. The Internet of Things is defect. It’s unsustainable by the fact of its technical, social and economical bugs in the system. And any effort trying to fix these bugs is waste of time and money.
I spent this year a lot of time on conferences discussing with developers and experts on how we can get more security into the Internet of Things. And I’ve heard honorable recommendations. From improving the quality in the supply chain, introducing certification, training developers and raising consumers awareness on trust and privacy. All this sounds reasonable and for sure these actions can increase security and privacy in the Internet of Things. But it will not remove the increasing security and privacy problems we rush into. Let me show the dilemma on three aspects:
Broken encryption chains:
Many threats we are facing in the Internet of Things are based upon insecure applications and protocol layers. Latest by heartbleed and blueborn the possibilities of broken cryptochains have raised dramatically. Even on chip level crypto and trust concepts are broken e.g. the RSA encryption of Intels TPM chipset hack or Zigbee AES_CMM attack. On a complex Internet of Things connected environment – with many different things connected – there is a high possibility to include unsecure broken encryption in the system. Furthermore, devices with unsecure chipsets cannot be patched and in absence of alternative solutions unsecure chipsets will be still build into products. In past and future broken encryption chains will be part of Internet of Things networks.
Society dilemma on “safety” vs. “strong encryption”:
Societies – especially national states – subjects to particular interests of their public stakeholders and citizens. Today proper encryption is an obstacle for intelligence and law enforcement. Which is a constrain this institutions goals to provide stable societies and advantages in nations competition. These superior goals are overriding the technical need of strong encrypted technical environments. Intelligences worldwide have been created a marketplace for Zero Date exploits. High economic incentives of intelligences by commercializing vulnerabilities is a blocker on fixing weak systems as fast as possible. Furthermore, today an arsenal of Zero Day Exploit is accumulated by institutions building advantages on their cyber weapons arsenals. That’s why in the past and in the future security holes will be seen as a necessary requirement to gain advantages in global competition. With weak encryption security is an illusion. There is no security in the Internet of Things. Shadow broker NSA hack has shown what will happen, when Exploits will be leaked from Institutions towards cyber criminals. Wannacry is a direct result of that dilemma.
Economy and cost savings do not like security:
You are not interested in a secure environment, even if you are a stakeholder in security industries. The insecure Internet of Things is a strong economic driver for security industries. What? May you think I am silly. But keep in mind that the IoT Mirai Botnet makers Anna-Senpai have a strong background on DDoS defence industries. On a certain point of competition, they decided that a powerful DDoS weapon is enabling multiple business opportunities. Once to convince customers to choose own DDoS protection services and second the ability to earn money as DDoS stresser service provider. But also, non-criminal business activities will lead into insecurity. It’s simply a fact, that security is an investment. In industrial production, a single product is a result of a complex supply chain with n-tier suppliers. On IoT products beginning from chipset manufacturers, microcontroller module providers up to App and Cloud software providers, all of them chained to a unique smart product. Each of them are in need of cost optimization. Each of them will keep an eye of cost effective security solutions on their particular business operation. There is no complete sight on security in the IoT supplier chain if the smart product is targeting cost sensitive markets as e.g. consumer goods.
We are doomed. What’s the consequence?
First of all, of course we should not stop working on sustainable solutions for the problems I’ve described above. But at all there are many facts that we should be pessimistic. So, our focus needs to be on how can we handle with insecurity than on trying to get rid of it. It’s a complete different attitude, when we accept that future Internet of Things eco system will be completely insecure and a privacy nightmare. Because by that we can strengthen our selves to manage.
We can face the challenges, for example by being be prepared that you (or your institution / company) can be pawnd any time over an Internet of Things attack. For that it’s better that you will rely your IT infrastructure on a compartment strategy – where you can shut off or isolate suspicious or harmful devices and services – without shutting off your complete smart environment and services. Next, it’s important to have a close eye on all ingoing and outgoing communication from your network and the connected devices. This must be possible under full control without dependencies of 3rd parties as ISPs. The dowse.eu project is one possible solution to provide such controlling and monitoring instance which can be operated independently, as you can run it in a small scale smart home or larger scale smart infrastructure as industry 4.0.
Keeping the control on data flows is the key not to be doomed.
Its better just to accept that the Internet of Things is unsecure and post privacy. Sounds hard, but if we focus on that we can work on better concepts to create secure and private spaces in an unsecure world.