Cybercrime is still one of problems in United States. According to a report by James R. Clappr, Director of US National Intelligence, Cybersecurity remains America’s greatest threat.
The main thing is Internet of Things. The broad catch-all for internet connected home appliances, ranging from baby monitors to thermostats. Clapper describes the risk as:
Security industry analysts have demonstrated that many of these new systems can threaten data privacy, data integrity, or continuity of services. In the future, intelligence services might use the [Internet of Things] for identification, surveillance, monitoring, location tracking, and targeting for recruitment, or to gain access to networks or user credentials.
“Intelligence services” in here mostly means spy networks from other countries, with hackers and spooks cracking into unsecured devices and peeking around inside. As threats go, this is relatively easy to mitigate and almost impossible to prevent entirely. Many devices, like pacemakers, come with either no or just default encryption settings.
Adm Michael Rogers, the director of the National Security Agency, said in an appearance at a Washington Thinktank last month that it was time to consider making the home device “more defensible”, but did not address the opportunities that increased numbers and even categories of connected devices provide to his surveillance agency.
The White House’s new cybersecurity initiative, unveiled on Tuesday, pledged increased security for nontraditional networked home devices. It tasked the Department of Homeland Security to “test and certify networked devices within the ‘Internet of Things’.” It did not discuss any tension between the US’s twin cybersecurity and surveillance priorities.
Connected household devices are a potential treasure trove to intelligence agencies seeking unobtrusive ways to listen and watch a target, according to a study that Harvard’s Berkman Center for Internet and Society released last week. The study found that the signals explosion represented by the internet of things would overwhelm any privacy benefits by users of commercial encryption – even as Clapper in his testimony again alleged that the growth of encryption was having a “negative effect on intelligence gathering”.