Right now, there are dozens of cyberattacks raging across the globe — digital warheads being flung across state lines and international borders at corporations, people, and government computers. The military’s Defense Intelligence Agency monitors dozens, if not hundreds of cyber-attacks every day, many of which it fully acknowledges come from the massive insecure network of internet-capable devices, aka the “internet of things.”
“As the world becomes more interconnected, the same technologies that enrich our daily lives — like digital thermostats and smart refrigerators and virtual assistants — also present serious cyber vulnerabilities, and that is why we cannot be satisfied to simply be prepared for, monitor and defend from these threats,” said Janice Glover-Jones, the Chief Information Officer at the Defense Intelligence Agency, said in her opening remarks at the Department of Defense Intelligence Information System Worldwide Conference, or DoDIIS, on Monday in St. Louis.
The stark reminder offered by Glover-Jones was a stark reminder that the scope of international cyber crime is staggering — and she had images to prove it. This live map of cyber attacks going on — presented by the Norse Corporation on its website — is hypnotic for it’s laser-like pinging, from a computer in one location to another.
The DoDIIS conference brings together representatives from FBI, the CIA, the National Security Agency, the National Geospatial-Intelligence Agency, the Office of the Director of National Intelligence, and dozens of private organizations to discuss the threats facing the intelligence community.
“We are in a new era where cheap and readily available technologies have increased the capability to capitalize on and exploit our technical expertise,” Glover-Jones said, pointing to the recent Petya ransomware attack and the WannaCry attacks that crippled systems held computer data for ransom. One of the largest cybersecurity failures was last year’s Mirai botnet attack, which blacked out websites by using a sophisticated botnet of internet-connected devices to create a massive DDoS attack.
As Glover-Jones pointed out, the wide scope of cyber capabilities available for hire or purchase online mean widespread attacks can be performed by nearly anyone, not just military intelligence agencies.
“The scope of the threat and attacks that our nation faces continue to evolve and expand in unpredictable ways,” she said. “Advanced nation states, small isolated countries, transnational groups and even lone actors unconstrained by international borders and rules are maliciously taking advantage of these destructive techniques. They are acting in a manner and at a speed that cannot surpass our efforts.”
To demonstrate this, she brought out a child-hacker, Reuben Paul, an 11-year-old “CEO” of CyberShaolin, who proceeded to hack an internet-equipped teddy bear on stage. Paul, an obviously precocious and talented child, may have seemed like a sideshow at a serious defense officials conference, but it highlighted just how common and easy tapping into the internet of things is. If the beginning of this conference is any indication, the DoD might finally be taking this seriously.