The Father of the Internet sees the potential of the Internet of Things. But there are also risks associated with having billions of connected devices, Vint Cerf said at the Fourth Annual Cyber Security Brainstorm.
“The headline I worry about is ‘100,000 Refrigerators Attack Bank of America,’” said Cerf, who helped develop the TCP/IP protocols and basic architecture of the Internet. “The problem here is that it’s not as silly as it sounds… you can’t buy a dumb computer anymore. So the computer power in a refrigerator operating system might be enough to run a reasonable version of Linux, in which case, if somebody gets access to your refrigerator or somehow penetrates the home network and installs a bunch of software running in the refrigerator control, the refrigerator is running just fine, and it does all the right things and oh by the way it attacks Bank of America on the side.”
Gartner Inc. has forecast that 4.9 billion connected things will be in use by the end of this year, up 30 percent from 2014, and will reach 25 billion by 2020.
“Believe me this is keeping me awake a lot. Think about it, you put all these devices out there, potentially billions of them. And you know that there are bugs in the software. So how do we make sure that they actually get updated when we discover the bugs? And then the next problem is how do we know that the update was legit or whether it was in fact something that somebody decided to put into your system that you didn’t want,” Cerf said.
Authentication and configuration are critical, he said.
“I still believe that we must outfit these devices with the ability to strongly authenticate that which they interact with. So it starts at the edge of the net. It’s not something you can do anywhere else. The devices have to be configured in such a way that they refuse to interact with anything they can’t validate,” Cerf said while participating in a panel discussion following his remarks. “Somewhere the design has to start with that premise, that the edge devices must defend themselves.”
Despite the hurdles, the Internet of Things offers great promise, but security must be built in, said Chris Inglis, retired deputy director of the National Security Agency.
“I’m bullish,” Inglis said. “I think that the Internet of Things is a huge boon to mankind if we in fact engineer it such that it has an inherent security property about it, (and) it’s inherently defensible, (and) if we do those things that cover people, technology, and process. But those have to be built in up front, and it needs to be a shared proposition between all parties…it can’t be the burden of one group alone, the technologists. They can’t do this on their own.”
What (Else) Keeps Me Up at Night
- Phishing attacks. “I can’t tell you how important it is to find ways to inhibit those sorts of attacks,” Cerf said. “The worst part about phishing attacks is that if you are persuaded to click on something and it installs a key logger or something else you are really hosed.”
- Weak certificate authorities. “It looks so cool on the surface,” Cerf said. “We have public key encryption. We’ll just issue a certificate, and we’ll digitally sign it, and people can check to see if it’s okay because it was signed by the certificate authority… except now we discover that certificate authorities are compromise-able, either by direct attack or because someone paid them to issue a false certificate… It turns out that’s not going to help very much. We have to do something else.”
Practices That Seem Important to Me
- Two-factor authentication. “We introduced two-factor authentication [at Google] in 2011 or so,” he said. “We minimize the privileges that people have to get access to our systems. I have to use my two-factor authentication system inside Google to get access to any of the Google facilities. We don’t play the perimeter game and think that just because you’re inside the perimeter you’re okay. We know better than that.”
- Be religious about post mortems. “Every time something breaks you get to learn something.”
- Continuous monitoring. “Keep watching all the time. The reason is that it will give you a baseline, and then you can figure out what things are unusual or abnormal.”
- Back-up testing. “We actually shut down the primary systems and go on backup for live traffic. This is not in the lab. This is serious back-up validation. I’m always kind of terrified of this.”