Read Time: 2 Minutes
In this year’s keynote at Cebit, Hannover, Germany, our very own CRO (Chief Research Officer) Mikko Hyppönen, spoke about the two main problems we are facing in our digital world: Security and Privacy. While we all know that security breaches usually mean that cybercriminals breach our systems to gain access to our data to make money. Privacy problems arise from a different source.
Privacy problems in our daily digital lives come mostly from companies that are not breaking the law when they are breaking our privacy; they are breaching our privacy completely legally. […] It’s mind-boggling that the main way we pay for goods and services and products online is not with money but we pay with our locations, our communications – with our privacy.
Not only do we generally click and agree end-user-agreements without reading them, we actually like free lunches and services so much that we do not ask questions, said Hyppönen.
The Internet of Things (IoT) makes devices smart and “smart means exploitable” according to F-Secure’s CRO. If money can be made, it will be made – no matter the consequences. No other IT profession is making more money than cybercriminals. And it does not matter which device is being used. If it can be attacked it will be attacked. Not only viruses are a problem but so-called ransomware. This type of malware has grown in importance over the last two years. Mikko Hyppönen showed how the most well-known (CBT Locker) software in this field is actually a franchise system. Cybercriminals do not develop the software themselves but buy the toolkit to hold devices ransom.
Another important factor in security is stealing computing power to run bot nets for DDoS (Denial-of-Service) attacks or to generate cybercurrencies through mining. The number of bot net attacks from smart devices rather than desktop computers is ever-increasing.
The Internet of Things is here and the attackers are looking for ways to make money out of it. If they can make money we can expect attacks against it. So if we want to solve the problem of security we have to be able to secure these things; we have to be able to build in better security into the devices.
So, are the threats growing, changing? What can be done? Mikko Hyppönen gave a short interview after his keynote about exactly those challenges.
The thing that worries me regarding IoT security is that security is not the most important thing when you build an internet-connected device. […] Security will never be the main design goal.