Why cybercrime on the rise means telcos may be back in control

Good morning sir, this is the Internet police.

Pull over, turn off your WiFi, and show me your registration and license please.

Did I do something wrong, officer?

You exceeded the number of authorized TCP sessions, we suspect a botnet took control over your household, sir.

This is purely fictional of course but it may become real sooner that we think.

In 2017, 40% of the world population has access to Internet and the biggest companies in the world are working hard to increase penetration, bridge the digital divide as they like to say.

Facebook drones, Google loons, SpaceX satellites, they all want a chunk of the big pie. Now that most of the developed markets are completely saturated, the biggest companies in the world are racing for the untapped markets.

In the other hand, the number of connected devices behind every single home connection is blowing up as well. We live in the Internet of Things era, we believe that every piece of hardware needs an IP and a direct connectivity to Internet.

In 2016, according to the intelligence company HIS, it could be found four internet connected devices in every household in the world. Assuming one laptops, two smartphones and one tablet, the average cost of these devices would be around 400$, just an educated guess.

In a few years, not only the number of connected devices per household will increase by 10 times but the average cost per device will also be divided by tenth. More devices connected, cheaper devices, weaker devices.

There is a possibility that we are living the last moments of a golden age

Combined the two effects (penetration + number of devices per household increase) and you rapidly understand what the recent concerns about IoT are made of. More and more devices are connected to the Internet. There are cheaper and weaker. You also realize that the unprecedented attacks on the Internet infrastructure are just the beginning, prequel of a new digital order.

These attacks were massive by the number of devices involved and the traffic generated. And this is going to happen over and over until drastic measures are taken.

As I wrote in an previous article, I believe this status quo is a joint responsibility of two main stakeholders: device manufacturers and Internet service providers (the ones providing the access layer).

Their jointed efforts can rapidly mitigate the problem if they decide to. Sadly, it will not come without a series of measures that will seriously affect the way we enjoy Internet as of today.

Net neutrality will rapidly become the least of our concerns, we may be looking at the first warning signs of a new Internet which would be controlled/filtered/restrained.

I am betting on a world where you would need a license to browse Internet freely. It sounds like Sci-Fi but is it?

Let’s take a fair comparison

It may feel normal to everyone that driving a car require a license. Before hitting the road, everyone needs to spend some time in classes and practice his driving skills with an instructor. Because the road is dangerous and there is a risk to harm yourself and others.

Now let’s get back to Internet. So far, being connected to Internet seem harmless and we don't probably consider ourselves as a threat to others.

But let’s imagine a world not so far away where your household hosts dozens of connected devices. Devices that you just buy, power on and attach to Wifi. One-touch configuration devices. These objects are perfect targets for botnets and malwares that will attack them and use them to spread and perform massive attacks on critical parts of the Internet infrastructure.

On a side note, in North America, households count in average 13 connected devices. This is not anticipation, this is happening now.

So I am -partially- responsible if Twitter is down? Is it really a life or death issue?

So far, the attacks have mainly targeted the Internet infrastructure impacting the connectivity of hundreds of millions of people, causing millions of dollars of revenue loss to companies that probably can take the hit.

But these attacks don’t only target Internet but physical infrastructures as well. More devices are connected in your home, more devices are also connected in critical infrastructures all over the world: electrical grid, traffic lights, power plants, train and airplane traffic control...

A few days ago, Ukraine was victim of a major blackout disrupting power to between 100,000 and 200,000 people, supposedly caused by a cyber attack.

By attacking critical infrastructures, there is a high risk to cause injuries and even casualties. Human lives are at stake here.

To prevent that, there is a high chance that Internet providers decide at some point that you as an Internet customer is partially responsible for any damage caused by the devices connected in your household, legally liable in front of the law for any damages you and your connected devices may cause. Such as a car driver that get into an accident on the roadway.

Realistically, service providers cannot ask everyone to spend a few hours of IT security courses to be eligible for an Internet broadband connection. This is not possible. Such as people can use public transportation or call a Uber to get from point A to point B, people should be able to connect to Internet without facing any responsibility if they are not willing to take any.

So what's next?

I believe that service providers will finally decide to put customers into sandboxes. ISP’s will control, (deep) inspect, rate-limit every single customer connection so that no attack can be ever initiated from their network. Customers will not be in control anymore but a single passenger in a vehicle managed by the Internet provider.

ISP's will probably even intrude into the customer home network and decide which device can connect to Internet and which device can’t. It is very easy to anticipate the immense commercial opportunity behind this. ISP's will be able to approve and control every single connected device in your home, pushing their own range of network devices and denying access to unapproved equipment’s.

Let’s look at the big picture. The new Internet is certainly going to be extremely profitable for Internet service providers that will rapidly wipe off any sort of net neutrality concerns for the sake of national security. ISP's will entirely rule the way customers connect to Internet, enforcing policies, pushing devices into the customer household and deciding which content can be access or not.

Telcos taking back control

Quite an interesting turnaround when we think about how OTT have gained traction over the past few years, cannibalizing the telco main revenue streams and pushing them into an inextricable equation of a drowning revenue and a blowing usage.

In this new age, telecom operators are back in control. Telcos are the Internet gatekeepers and as such, they will own the customer and dictate their own rules. Just forget about downloading or streaming the last Star Wars episode illegally, forget about using a VPN for privacy issue, it is going to be forbidden and you cannot do or say anything about it.

Or Yes you can

If you still want to drive your own Internet access, just spend a few hours in IT class, get your license and sign this contract that state that you will be liable for any damage caused by you or your home device and you will be all set to hit the road like in good old 2017!

Source:

https://www.internetlivestats.com/internet-users/

https://www.itechpost.com/articles/20699/20160614/internet-connected-devices-changed-household.htm

https://www.nextgov.com/defense/2016/12/ukrainian-power-company-99-certain-blackout-result-cyber-attack/134141/