A couple of years ago, I replaced my home thermostat. I travel a lot, and I wanted to be able to save energy on days I wasn’t home. My new thermostat is an Internet-connected computer that I can control from my smartphone. I can set programs for when I am home and when I am away and monitor the temperature inside the house—all remotely. It’s perfect.
Unfortunately, I also opened myself up to some potential problems. In 2017, a hacker bragged on the Internet that he was able to remotely hijack the Heatmiser smart thermostat—not the brand I have. Separately, a group of researchers demonstrated ransomware against two popular American thermostat brands—again, not mine—demanding payment in bitcoin to relinquish control. And if they could plant ransomware, they could also have recruited that thermostat into a bot network and used it to attack other sites on the Internet. This was a research project; no operational thermostats were harmed in the process, and no water pipes burst as a result. But next time might be my brand, and might not be so harmless.
The Internet+ means two things when it comes to security.
One: the security properties of our computers and smartphones will become the security properties of everything. So when you think about the insecurity of software, or the problems of log-in and authentication, or security vulnerabilities and software updates—all subjects we’ll discuss in Part I of this book—they’ll now apply not only to computers and phones, but to thermostats, cars, refrigerators, implanted hearing aids, coffeepots, streetlights, road signs, and everything else. Computer security will become everything security.
And two: all the lessons from computer security become applicable to everything. Those of us who have been in the field of computer security have learned a lot in the past few decades: about the arms race between attackers and defenders, the nature of computer failures, and the need for resilience—again, all subjects that we’ll talk about later. These lessons used to be just about computers. Now they are lessons about everything.
There’s one critical difference: the stakes are much higher.
The risks of an Internet that affects the world in a direct physical manner are increasingly catastrophic. Today’s threats include the possibility of hackers remotely crashing airplanes, disabling cars, and tinkering with medical devices to murder people. We’re worried about being GPS-hacked to misdirect global shipping and about counts from electronic voting booths being manipulated to throw elections. With smart homes, attacks can mean property damage. With banks, they can mean economic chaos. With power plants, they can mean blackouts. With waste treatment plants, they can mean toxic spills. With cars, planes, and medical devices, they can mean death. With terrorists and nation-states, the security of entire economies and nations could be at stake.
Security is an arms race between attacker and defender. Consider the battle between Internet advertisers and ad blockers. If you use an ad blocker—and about 600 million people in the world do—you’ll notice that some sites now employ ad-blocker blockers to prevent you from viewing content until you disable your ad blocker. Spam is an arms race between the spammers developing new techniques and the anti-spam companies figuring out how to counter them. Click fraud is much the same: fraudsters employ various tricks to convince companies like Google that real people have clicked on web links and that Google owes the fraudsters money, while Google tries to detect them. Credit card fraud is a continuous arms race between attackers developing new techniques and the credit card companies countering with new ways to prevent and detect them. Modern ATMs are the result of a decades-old arms race between attackers and defenders, one that continues today with ever-smaller and more discreet “skimmers” to steal card information and PINs, and even remote attacks against ATMs over the Internet.
So, to understand Internet+ security, we need to start by understanding the current state of Internet security. We need to understand the technological, business, political, and criminal trends that have brought us to this state and continue to exert themselves, as well as the technological trends that define and constrain what’s possible, and illustrate what’s coming.