By: Jesse Cryderman
On August 10, Marc Gilbert heard a voice coming from the bedroom of his two-year-old daughter, but it wasn’t his wife’s and it certainly wasn’t a lullaby. The voice belonged to a man with a British accent who had hacked into the Texas home to unleash a diatribe of explicit language. When Gilbert entered the room to investigate, he discovered a seemingly demon-possessed child-monitor webcam, but before he could unplug it, he and his wife were also verbally abused by the hacker.
Scary stuff, to be sure, and scarier still when you consider that it’s hardly the first time: back in 2009 an Illinois man sued the manufacturer of the Summer Infant Day and Night Video Monitor, alleging that the device was insecure and could inadvertently be used to eavesdrop on unsuspecting owners.
But these are just isolated incidents ... right? Well, no—hacking of in-home security and child-monitoring devices is so prolific that in January of last year there were almost 700 “live feed” links generated from cracked cams and posted on hacking websites
that granted unauthorized access into people’s lives. The irony, of course, is that these devices became the embodiment of the very thing they were designed to prevent: home intrusion.
Wi-Fi- and IP-enabled in-home devices aren’t the only cause for concern. Pipeline has reported extensively on hackers’ ability to unlock car doors with cell-phone signaling and crack into smartphones to spy on users,
as well as the giant security holes in our public utilities’ control systems. Hackers might even mess with your venti vanilla soy latte: news recently broke that Starbucks is
transitioning its coffee makers to web-controlled models.
Hackers have access to more ports of exploitation than ever before. Soon all cars will be connected, most appliances will be “smart,” and even roadway intersections and public places will be
monitored by an eye in the sky. Unfortunately, when it comes to information technology it’s always been the case that profit motives trump security concerns. And as more and more devices are
connected and rushed into commercialization prior to thorough security fortification, the answer to the question “What will they hack next?” becomes simple: everything. Therefore the challenge,
not to mention the market opportunity, for communications service providers (CSPs) and vendors lies in preventing the inevitable by leveraging security solutions that address the inevitable.
Individual delinquents, small hacking groups and organized syndicates have not only evolved the methods they use to attack digital targets, they’ve also increased the frequency of their attacksand widened their target base. According to Symantec, the number of targeted attacks rose 42 percent from 2011 to 2012 and continues to grow, and its Norton subsidiary estimated two years ago that cybercrime costs the world $114 billion each year, a number that’s also rapidly increasing.
The two fastest-growing attack vectors are the cloud and mobile, and within these categories, threats to social networks are also booming: Symantec reported a 125 percent rise in the number of sites that were spoofed between 2011 and last year, for example. These kinds of attacks go all the way to the top: President Barack Obama’s Facebook and Twitter accounts were both hacked at the tail end of October by the hacktivist collective known as the Syrian Electronic Army.