Growing Internet Connectivity Could Increase Malware Attacks
As our daily lives become increasingly linked to — and controllable by — the internet, experts say we may encounter computer viruses attacking us in a host of new ways.
With items not traditionally thought of as vulnerable, such as cars, home appliances, and electric meters going online, consumers are now opening themselves up significantly more channels for infection.
“Connectivity makes us more exposed and vulnerable,” said Marianne Swanson, Senior Advisor for Information System Security with the National Institute of Standards and Technology (NIST).
Issues of identification theft , system corruption, and personal privacy could arise, Swanson said, as people take advantage of the convenience and practicality of syncing and operating household items such as refrigerators and air-conditioners over the Web.
Swanson cited the electric car and its recharge station as an emerging technology offering yet another point-of-entry for digital danger.
As connectivity increases, "there are more ways to tap in and find more information about you," Swanson said.
A plan is in place
One of those ways that has become prevalent in the security sector is malware. Designed to infiltrate computer systems without the owner’s consent, malware, short for “malicious software,” can be used to steal data and private information. For years malware has been an issue that has affected personal computers , and more recently has become a problem for smart phones .
A malware-affected system could also have implications on a much larger scale. “Smart grid” technology, in which home and municipal utility meters are monitored and operable over the internet, could lead to significant troubles affecting great numbers of people if attacked by malware, Swanson said.
Despite the valid security threat accompanying our growing connectivity, Swanson said there are up-to-date security protocols in place to deal with these risks as they arise.
Swanson cited the NIST document, “Recommended Security Controls for Federal Information Systems.” Written in 2003 and revised three times since, the paper outlines computer security guidelines adhered to by all U.S. Federal agencies, including the Department of Defense and the CIA.
Regarding the smart grid and new advances in connectivity, Swanson urged the need to get in at the ground level to ensure protection.
“We can take the lessons we learned 20 years ago when building the internet and build in security measures early, while the infrastructure is being built,” Swanson said. Those lessons include placing the new internet-connected items such as appliances and cars on a different, secure internet that is separate from the home computer system, and running anti-virus and firewalls to prevent security attacks.
“We’re not going to throw away the internet just because it’s susceptible,” Swanson said. “We’ll make sure we protect ourselves the best we can.”
Mark Guppy, a Principal Engineer with Defense Web, a San Diego-based software solution provider that builds websites primarily for the U.S. Military, shares Swanson’s cautionary outlook, but sees security keeping pace with burgeoning technology.
“As items become more connected,” Guppy said, “there becomes the need for more secure physical systems.”
Guppy brought up the idea of “smart traffic,” a system currently being developed by IBM that uses sensors on the road to monitor traffic patterns and sends that information to cars hooked up to the same internet system. In a smart traffic system, he explained, cars could be remotely stopped to conserve fuel and prevent accidents.
Much as Swanson outlined the smart grid as a potential target, Guppy said there is the potential for disaster if a smart traffic grid is implanted with a virus. “It would be a catastrophe if that system was compromised,” Guppy said.
He stressed the importance of preempting security breaches by setting up separate, secure internet connections for different devices.
“There will be more targets for attack in the future,” he argued, “but ideally a smart grid or house wouldn’t use the same connection as a personal computer.”
Guppy maintains a high level of confidence in computer security systems — be they tied to toasters or turbines—to face security threats that will emerge in the future.
“Connective technology will always be a balance of convenience and security,” Guppy said.