From “ethical” hacking to criminality
Hacking in its simplest form is like exploration. It is mainly about subverting an object’s intended function. This subversion may be beneficial and help to resolve faults or weaknesses in a number of areas. This is commonly called “ethical hacking”, a discipline included in the curriculum of some computing schools. Companies, from start-ups to large groups, are also eager to employ these individuals to detect bugs. Microsoft, for example, offers up to $100,000 to anyone who can identify security flaws in its operating system. However, other hackers are cyber-criminals and have much less honorable intentions…
Anything connected can be hacked?
Each year, the Defcon conference in the United States assembles the leading hackers and specialist security researchers to examine new hacking challenges. This year, the conference showcased an astonishing installation – a village of hackable connected objects. From the baby monitor to the refrigerator, hackers carried out a series of demonstrations before an astounded audience of journalists. A few months earlier, two US hackers, with the help of Wired reporter Andy Greenberg, succeeded in remotely taking control of the onboard computer of a Jeep, including windshield wipers and radio, and shut off the engine… The Fiat Chrysler group has since announced that almost one and a half million vehicles were affected by this flaw. Two years earlier, the trio had carried out the same demonstration, except that at the time the hackers had to be in the vehicle to take control. Hacking is moving forward alongside technology and its risks are growing, from smart electricity meters to hacking of drones by terrorists… Worrying. Citizens and authorities are now becoming aware that wherever there is an internet connection there is also a risk of hacking. The detection of flaws by well-intentioned individuals also actively promotes this awareness.
It is clear that we are rushing to adopt new technologies before we have even had a chance to address all the potential security flaws. For the first time, increased hacking of connected objects – objects present in our personal lives – raises the question of the responsibility of software designers and developers of connected objects. They must now focus on security solutions to protect our data. And this security must not solely relate to the Cloud and data exchange, but also be incorporated into connected objects themselves.