WikiLeaks founder Julian Assange on Thursday pledged to share with technology companies the technical details of the purported CIA hacking tools his organization described earlier this week. Photo: YouTube
THANKS to a document dump by Wikileaks this week, the world now knows just how far governments can go to hack our devices to glean our private information or possibly spy on us.
For those paying close attention to such things, it didn’t come as a surprise so much as further confirmation. And made it clear why this wasn’t just something the intelligence community should be worried about. Because as we move to an increasingly connected world it’s going to be an issue that could affect everyone.
The common defence for the level of covert surveillance revealed by the Vault 7 files published by Wikileaks is that it if you have nothing to hide, than it shouldn’t worry you.
In fact, a number of news.com.au readers backed that view in the our comments section this week.
But even if you care little about the principle of people’s right to privacy in the digital age, as we move towards an increasingly connected world where all our devices interact over a network — dubbed the Internet of Things (IoT) — the potential for more immediate harm to be done by remote hacking is significant. And it certainly won’t just be governments doing it.
Maybe you’re not that fussed about the potential for someone to read your e-mails or switch on you smartphone microphone to listen in while you’re on the toilet. But what about tampering with your heating system, or remotely hijacking your car?
When even your toaster is connected to the internet the potential for malicious hacking becomes a more significant.
The greater level of metadata (digital information) created by the move towards the Internet of Things and the increased level of access hackers have to your personal data will invariably make consumers more vulnerable says cyber security expert Nigel Phair, adjunct professor at the University of Canberra.
“When you look at what comes out of this (CIA hacking) with the Internet of Things — that’s just ready to explode,” he said.
“Whether it’s smart electricity meters now that are opened up for hacking because they’ve got push and pull notifications, all the way through to other things that track us.”
The kind of hacking techniques detailed in Vault 7 — which the CIA lost control of and have since reportedly been traded on the dark web — will “absolutely” become more of any issue in the future, he said.
“Because all those devices of the Internet of Things, the sensory devices, are built with generally no security controls at all.”
For the most part, many devices that are built to have connectivity such as security cameras and DVD players for example, don’t have robust security defences.
If that continues, the potential for even small-time hackers to gain access to systems and wreak havoc is considerable. Last year, hackers took control of a massive network of such devices and used them to bombard servers in the US and temporarily bring down Twitter, Spotify, Netflix and dozens of other major websites.
“We need to think about these things before we go crazy into the whole connected home,” Mr Phair said.
“You start getting into the connected house, you know, how’s your electricity meter going to talk to your fridge, which will talk to your air conditioning system,” he said, warning that it could be exploited by criminals who know what they’re doing.
“I can hack that to find out if you’re electricity system hasn’t been used for the last week then I know someone’s away, that type of thing.”
For some time now, countless experts have been warning about the dangers inherent to the Internet of Things, including cyber security experts Richard Forno and Anupam Joshi form the University of Maryland.
“The fact that the CIA specifically targeted smart televisions should serve as yet another a wake-up call to the general public and technology manufacturers about cybersecurity issues inherent in modern devices,” they wrote in The Conversation this week.
“Specifically, ‘smart home’ and Internet of Things devices represent a massive vulnerability. They are open to attack not only by government organisations seeking intelligence on national security information, but terrorists, criminals or other adversaries.”
A NOTE ABOUT RELEVANT ADVERTISING: We collect information about the content (including ads) you use across this site and use it to make both advertising and content more relevant to you on our network and other sites. Find out more about our policy and your choices, including how to opt-out.