Forget IT Security, Think IoT Security: A Futurist's Take

My Facebook App has been talking to me of late. It has been telling me it knows I am near a Decathlon outlet for example. It's been telling me whats going on there, when I am around. Oh well, nothing new or unexpected since The Singapore Futurist has told you that is how shopping is going to shape up and how big data is shaping up.

Nonetheless, now that we are nearing the advent of IoT, its a cool idea to kind of prepare for it, in both positive and negative aspects now isn't it? Better now, than later? I mean, considering that we haven't quite gotten the basic, internet or IT security under wraps yet?

Fundamentally, the internet is the greatest thing the human species has ever done for itself yet. At the same time, humanity or those members of humanity that founded the internet to begin with, got somethings, well I won't say wrong, but compromised from the very start, in the very fundamentals. Wait, the problem, runs deeper. It comes even before the internet. Its with networking to begin with, you know, the process where one machine talks to another, that ultimately, allows the internet to work.

Very fundamentally and primary, how networking is designed, structured and maintained to the date of this essay, if that is what one would call this expression herein of mine, is networking or linking of computers whether through wires or wirelessly as now is possible for sometime, works with exchange of data in dual directions at least, if not more. This means, an individual on either end can use data transfer for malicious impact or effect on the other end, or if an individual is able to tap a network from the outside, then that individual can do the same thing. In lay man term, a person with a computing device that manipulate or attack connected devices maliciously. This including, to digitally rob banks; hack into bank systems or correspondences to illegally transfer monies from accounts, to enrich oneself. See the problem? Any measure to stop hacking or malicious use therefore simply serves as a speed breaker or roadblock that sooner or later, someone with malicious intent will find ways to circumvent or overcome, including the latest fad of blockchain. Someone will figure a way, to get around it. Houston, we have a problem.

Here is a Scary Scenario

Take my advice and read the following scenario once possible only in fiction very carefully because it is becoming very possible, very rapidly, in reality.

CCTV cameras are more common place today worldwide than ever before, and most of us in first countries pretty much live in literal Big Brother environment, so its pretty cool, because we are safe, as no one is stupid enough to harm us, given there is no way to get away, because everyone, by every movement, can be identified, tracked, located and caught, right? Well, that is what they are supposed to do, as in, the CCTV cameras. Want to guess, how most of these, these days, as in the cameras, transmit or relay the images or visuals? Digitally. They have hard-drives. They are connected. They can be hacked. They are part, pretty much, of what we call, IoT.

Your mobile phone gives away your location. Your location can be scanned for presence of other people's devices. If you are alone, in a vulnerable spot, this can be identified. Cameras in your vicinity and surrounding can be hacked and disabled or manipulated to hide or cover what is actually happening. Basically, the cameras or surveillance can be blinded. You can be robbed. You can be kidnapped. You can be murdered. The new hi-tech crime possibilities. Major graduation from online scams, blackmailing or hacking for transferring of money from banks. Look at history. Good guys got guns. Bad guys got guns. So now nation states and governments go hi-tech to take care of the people within their care, criminals go hi-tech too. Escalation.

Another Few Scary Scenarios

You know those beacons that track human or consumer movements? They can possibly be hacked or tapped to track maximum human presence or concentration in area, to trigger a smart bomb embedded with a web connected or data enabled smart device to ensure maximum kill rate.

You know that attack in Nice, France in 2016? Imagine a future where cars are driverless and connected, to be able to navigate and avoid running into things, where the cars are hacked to do exactly the opposite, which is to run into or over the maximum number of people.

How about aerial drones being fitted with beacons to detect smartphones or wearable devices, to target people to drop grenades or bombs on? You see, IoT works, because devices on our personal beings, are sending and receiving "messages" that can be intercepted. That is how your apps, and companies, know your locations, movements, patterns and behaviours.

Think rooftop or window, in which an improvised devise consisting a barrel, a chamber, a projectile and a beacon programmed to detect a mobile device of a certain contact number or userid, to carry out an assassination or a hit? And the hitman is long gone by the time the killing is carried out?

So, about that future?

We are in rapid evolution. Its sort of a cycle. A labyrinth. A lot of things I mentioned in the scenarios herein could already have been possible sometime ago, but much of it is not possible yet, which is good news, because organisations and governments have both been either going slow or forcing each other to go slow, till they think about solutions to some of the security problems that much of the progress with IoT can cause.

In terms of what IoT can and will do, oh we've not even seen the birth of it, in the light of day. Trust me, I am a Futurist. It is an awesome future ahead, when IoT develops and grows over the next decade, and then another, that will transform the experience of human existence like 99% of humanity alive today at least would not have imagined, in terms of ease, access, speed, communication and new possibilities, apart from the fun, fun and fun. At the same time, the scary scenarios I have talked about herein, well, if we don't fix or reboot the fundamentals of the internet which leave everything open for hacking, as I mentioned earlier, Houston, we have a problem.

Harish Shah is Singapore's first local born Professional Futurist and a Management Strategy Consultant. He runs Stratserv Consultancy. His areas of consulting include Strategic Foresight, Systems Thinking, Scenario Planning and Organisational Future Proofing.