{"id":99896,"date":"2016-12-22T10:55:56","date_gmt":"2016-12-22T15:55:56","guid":{"rendered":"http:\/\/countingpips.com\/?p=99896"},"modified":"2016-12-22T06:56:31","modified_gmt":"2016-12-22T11:56:31","slug":"fatal-disasters-hacking-the-internet-of-things","status":"publish","type":"post","link":"https:\/\/www.investmacro.com\/forex\/2016\/12\/fatal-disasters-hacking-the-internet-of-things\/","title":{"rendered":"Fatal Disasters: Hacking the Internet of Things"},"content":{"rendered":"
December 22, 2016<\/div>
\r\n<\/div><\/div>

By WallStreetDaily.com<\/u><\/a> \"cybersecurity\"<\/p>\n

It\u2019s just a matter of time before we move from hacked elections to hacked hospitals. And that\u2019s when the body count starts.<\/strong><\/i><\/p>\n

\n

Dear Wall Street Daily<\/em> Reader,<\/p>\n

We haven\u2019t heard much out of Trump Tower about cybersecurity during the presidential transition.<\/p>\n

Of course, there\u2019s no reason for The Donald to draw even more attention to things like Russia\u2019s global hacking activities, which, to hear aggrieved Democrats tell it, are the sole cause of Hillary Clinton\u2019s loss.<\/p>\n

Funny thing is, whether or not Vladimir Putin won the election for Donald Trump is just commentary after a game now relegated to the dustbin of history.<\/p>

\r\n
\r\n

Free Reports:<\/p><\/div>\r\n

\r\n

<\/a>\r\n\t Get Our Free Metatrader 4 Indicators<\/u><\/b><\/a> - Put Our Free MetaTrader 4 Custom Indicators on your charts when you join our Weekly Newsletter<\/p>

\r\n
\r\n
\r\n

<\/a>\r\n\t Get our Weekly Commitment of Traders Reports<\/u><\/b><\/a> - See where the biggest traders (Hedge Funds and Commercial Hedgers) are positioned in the futures markets on a weekly basis.<\/p>

\r\n<\/div>\r\n

\r\n
<\/div>\n

All the pearl-clutching notwithstanding, the Integrity of Our Democracy has long since been compromised by more prosaic factors such as money, greed, and power.<\/p>\n

Here\u2019s another cold, hard reality: There are bigger threats out there\u2026 threats that can literally kill you.<\/p>\n

For Instance: Check out \u201cwhat every browser knows about you<\/a>.\u201d<\/p>\n

Really, click through the link. There you\u2019ll find exactly what happens when you\u2019re connected to the internet.<\/p>\n

As Mark Frauenfelder of Boing Boing notes, \u201cany website you visit\u201d is able to figure out \u201cyour location, operating system, browser plugins, previously visited web page, local and public IP, service provider, social media networks you are logged into, devices on your local network, and more.\u201d<\/p>\n

Good news, though: There are also ways to cover your trail. \u201cThe site also shows you,\u201d Frauenfelder writes, \u201chow to hide any of this information that you don\u2019t want to reveal.\u201d<\/p>\n

So Russia may or may not have hacked the U.S. presidential election.<\/p>\n

\n

Here\u2019s another cold, hard reality: There are bigger threats out there\u2026 threats that can literally kill you.<\/i><\/b><\/p>\n<\/blockquote>\n

What we can be more certain of \u2014 via Slashdot, which links to a <\/i>CNNMoney story, may or may not be more credible than the U.S. Intelligence Community \u2014 is that Russian hackers are capable of skimming about $5 million a day through an online video advertising scam.<\/p>\n

Startup cybersecurity company White Ops sniffed out the fraud. Here\u2019s its report on the Methbot operation<\/a>, \u201cthe largest and most profitable ad fraud operation to strike digital advertising to date.\u201d<\/p>\n

Until December 20, when White Ops published its report, the total haul was around $180 million.<\/p>\n

There\u2019s also news via Slashdot that \u201cAircraft Entertainment Systems Hacks Are Back<\/a>\u201d:<\/p>\n

\n

Researchers at IOActive today disclosed vulnerabilities in Panasonic Avionics in-flight entertainment systems<\/a> that were reported to the manufacturer close to two years ago. The flaws could be abused to manipulate in-flight data<\/a> shown to passengers, or access personal information and credit card data swiped at the seat for premium entertainment or internet access. Given that the firmware is customizable and used by dozens of airlines in hundreds of aircraft models, the researchers said it\u2019s almost impossible to determine whether the vulnerabilities no longer exist across the board.<\/p>\n<\/blockquote>\n

This is really just nuisance-type stuff \u2014 theft, inconvenience, and a pain in the ass. You can recover from it.<\/p>\n

Though he had no idea how ironic it would read when he said it at the RSA cybersecurity conference back in February 2014, Director of the Federal Bureau of Investigation James Comey noted: \u201cThe fact of the matter is that the United States faces real threats from criminals, terrorists, spies, and malicious cyber actors.\u201d<\/p>\n

So Jim, what do we do about it?<\/p>\n

\u201cThe private sector,\u201d Comey said earlier, in a statement read prior to his testimony before the Senate Committee on Homeland Security and Governmental Affairs in November 2013, \u201cis the key player in cybersecurity. Private-sector companies are the primary victims of cyberintrusions. And they also possess the information, the expertise, and the knowledge to address cyberintrusions and cybercrime in general.\u201d<\/p>\n

There\u2019s a big problem with this analysis, particularly when it comes to the proliferation problem that is the internet of things (IoT).<\/p>\n

As we wrote in the August 16, 2016, Wall Street Daily<\/i><\/a>, device-makers put profits ahead of security. In fact, research by authentication provider Auth0 found that 85% of IoT developers admitted to being pressured to get a product to market before adequate security could be implemented.<\/p>\n

\n

This is really just nuisance-type stuff, theft, inconvenience, and a pain in the ass. Stuff you can recover from.<\/i><\/b><\/p>\n<\/blockquote>\n

Pretty sure the digital advertising fraud probably aggravated you, if at all, for its Russian component. And you might think twice about using in-flight services, particularly if you have to swipe your credit card to get access.<\/p>\n

Meanwhile, that massive distributed denial-of-service (DDoS) attack that took down much of the internet in October via the hacking of webcams and other vulnerable connected devices took down some websites, but it didn\u2019t kill anyone.<\/p>\n

How\u2019s this grab you: Cybersecurity expert Bruce Schneier, testifying in November before House Energy and Commerce Committee, said that event exposed \u201ccatastrophic risks\u201d in the growth of the IoT.<\/p>\n

As Mike Orcutt wrote for MIT Technology Review<\/i>:<\/p>\n

\n

Schneier and other experts testified that the same poor security exists in computers making their way into hospitals, including those used to manage elevators and ventilation systems. It\u2019s not hard to imagine a fatal disaster, which makes it imperative that the government step in to fix this \u201cmarket failure,\u201d he said.<\/p>\n<\/blockquote>\n

Indeed, a December 1, 2016, report prepared by the Obama administration\u2019s nonpartisan Commission on Enhancing National Cybersecurity takes a more neutral tack, observing, \u201cTechnology companies are under significant market pressure to innovate and move to market quickly, often at the expense of cybersecurity.\u201d<\/p>\n

Its first recommendation for President-elect Trump emphasizes public-private cooperation:<\/p>\n

\n

The private sector and the administration should collaborate on a road map for improving the security of digital networks, in particular by achieving robustness against denial-of-service, spoofing, and other attacks on users and the nation\u2019s network infrastructure.<\/p>\n<\/blockquote>\n

In addition to imperfect market incentives, cybersecurity is a fragmented industry, with literally hundreds of products and services across tens of separate categories. And threats multiply as fast as malefactors can ideate them.<\/p>\n

Establishing \u201ca road map for improving the security of digital networks,\u201d let alone finding a vehicle to generate profits for your portfolio, is not a straightforward task.<\/p>\n

We\u2019ve identified three vehicles in this space, including the PureFunds ISE Cybersecurity ETF<\/b> (HACK), Imperva Inc.<\/b> (IMPV), and NetScout Systems Inc.<\/b> (NTCT).<\/p>\n

We\u2019ve also written up DDoS specialists Nexusguard Inc. and Zenedge Inc. as well as website protection\/performance outfit Cloudflare Inc., all still privately held.<\/p>\n

\n

In addition to imperfect market incentives, cybersecurity is a fragmented industry, with literally hundreds of products and services across tens of separate categories. And threats multiply as fast as malefactors can ideate them.<\/i><\/b><\/p>\n<\/blockquote>\n

Performance has been generally mediocre, with the PureFunds ETF up 3.6% since August 16, versus a 3.7% gain for the S&P 500 index, 4.2% for the Nasdaq Composite, and 11.4% for the Russell 2000 Index.<\/p>\n

Imperva is up 2.3% since October 27.<\/p>\n

NetScout is the valedictorian of our small-cap cybersecurity suite so far, with a gain of 11.3% since our first mention in the October 27 issue, versus 6.1% for the S&P 500, 4.5% for the Nasdaq, and 14.9% for the Russell 2000.<\/p>\n

NetScout is virtually ubiquitous, serving, by its accord, 90% of the world\u2019s Tier 1 internet service providers, with \u201cvisibility into one-third of global internet traffic.\u201d<\/p>\n

As we noted on August 16, the next president of the United States is going to face a serious cyberthreat, \u201ca massive internet disaster.\u201d<\/p>\n

It\u2019s going to come from the IoT.<\/p>\n

Let\u2019s hope that road map starts at Trump Tower.<\/p>\n

\n

Money Quote<\/b><\/h3>\n

Brian Krebs, proprietor of KrebsOnSecurity.com, former cybersecurity columnist for The Washington Post<\/i>, and author of New York Times<\/i> best-seller Spam Nation: The Inside Story of Organized Cybercrime \u2014 From Global Epidemic to Your Front Door<\/i>, has more good advice on how to protect your cyber-self:<\/p>\n