Security in the realm of Cloud, AI and Voice

Traditionally, security was simply about keeping ‘outside’ people out. We put up fences and locked our doors to prevent any unauthorized entry.

Similarly, the early days of cybersecurity focused around preventing unknown outsiders from hacking their way into computers.

Today, however, it is much more complicated; security threats are emerging not only from existing and new technologies, but also as an unintended consequence of how the use of technology is evolving.

For example, whether at home or in the office, we’re putting more and more sensitive data into the cloud and mobile devices.

Photos, email addresses, customer data, intellectual property; in the age of digital, we have more to lose than ever before.

Given the pace of innovation happening around us and the benefits it is bringing to businesses and the society in general, it is unlikely that the adoption of these innovative technologies is going to slow down in the wake of heightened cyberattacks.

Instead, cyberattacks will emerge as one of the greatest risks of doing business as technology adoption increases.

As 2017 rolls around, cybersecurity will play a far more important role than ever before and have significant impact on foreign policies, trade law, demographics, corporate policies and market forces.

Here are my top three technology-specific trends that have the potential for changing and challenging our world in 2017 and beyond:

Prediction 1: The Cloud as an expanding attack vector

Migrating to the cloud creates new layers of complexity in cybersecurity; these complexities open up opportunities for hackers to exploit.

Distributed denial of service (DDoS) attacks may rise against Cloud providers, impacting business against clients in an untargeted fashion.

As an example, the Mirai botnet has been used in some of the largest and most disruptive DDoS attacks.

Devices infected by Mirai continuously scan the internet for the IP address of Internet of things (IoT) devices to take over — think home routers and webcams.

There are hundreds of thousands of IoT devices which use default settings, making them vulnerable to infection. Mirai, if used to attack specific targets, can be used to bring down websites, services, or even internet infrastructure, which can mean wide scale outages.

Prediction 2: Rise of Autonomous machine hacking

Automated - and autonomous - hacking machines designed to rapidly seek out vulnerabilities and potential breaches in networks are here.

In this year’s Darpa Cyber Grand Challenge, the hacking contest pitted bot against bot, rather than human against human.

The bots played offense and defense, fixing security holes in their own machines while exploiting holes in the machines of others.

Bugs were discovered far quicker than any human ever could; the bots’ performance surprised and impressed security veterans and the organisers, showing that ‘hackers” don’t need to be human anymore.

The use of autonomous machines is also rising in healthcare, transport and defence. Surgeons already use robots in the operating theatre, albeit with the surgeon remaining in total control. As technology improves, however, one can envision a robot being fully in charge.

When medical robotics replaces human touch, there lies the risk of attackers influencing diagnosis, medicine and operations.

Rogue hackers or state actors may even launch self-directed hacking machines to anonymize attacks to overwhelm rival national cyber defences or to trigger a response that may quickly evolve into geopolitical and economic crises.

Prediction 3: Platforms and technology around voice-activation

The emergence of voice-activated AI platforms such as Siri, Cortana and Amazon Echo represent a new level of human and technology convergence. As the line between artificial and human intelligence blurs, machines will become a bigger part of human beings and the human experience.

“Normal” human behavioural traits and expectations, such as personal and intimate privacy, will be challenged by the ever present eavesdropping of AI technology that interacts with — and knows — everyone in its presence.

These voice-activated AI platforms listen to and analyse commands, and if your data is being analysed, it means that it is being stored somewhere. Is your data then being appropriately secured when stored or processed by Cloud-service providers?

Beyond that, Adobe recently demonstrated technology that allows for edits on recorded speech - we’d be able to alter what that person said, or create entirely new sentences from a pre-existing audio recording. It can be potentially misused where voice security feature is used for authentication.

However, Adobe says it is aware of the potential misuse of this technology and is working on embedding audio watermarks.

The rise of voice-activated AI to access Web, data and apps will open up creative new attack vectors and data privacy concerns.

Conclusion

Technology is evolving rapidly and changing the way we function in the world.

Cybersecurity is becoming critical to run it well as hackers are looking for new ways to exploit technology for monetary gains.

So here’s my advice to business owners: Cybersecurity is not just a part and parcel of the everyday cost of doing business; it is an essential tool to protect your personal data and intellectual property.

This commentary was contributed by Mr Maurizio Garavello, Vice President of Sales, Asia-Pacific, Forcepoint. The views expressed are solely the contributor’s own, and do not reflect any official position of GovTech.