I discussed the DDOS attack by Manchester’s Dyn with NHPR yesterday – it was the subject of my Monitor column – and I thought I had been pretty realistic about how bad the malware-infected Internet of Things could be.
But a Slate piece (here it is) puts me to shame:
The whole trend “feels like a nation’s military cyber-command trying to calibrate its weaponry in the case of cyberwar. It reminds me of the U.S.’s Cold War program of flying high-altitude planes over the Soviet Union to force their air-defense systems to turn on,” so the U.S. Air Force could map the capabilities of Soviet radars and figure out how to elude them.
Is that what’s happening now? Is some nation-state figuring out how many IoT devices it takes to shut down larger chunks of the internet, and thus our society, as a whole? It sounds like paranoid science fiction from the 1960s, but the writers of that stuff were trying to scan the future as an extension of what was happening at the time, and in this case, they might have been on target.
Egad. On the other hand, some analysts think it was just “script kiddies” playing with easily obtainable software packages. I’m not sure that’s any more reassuring, however.
And legislators are taking note: Sen. Mark Warner of Virginia is floating some ideas, including “to label insecure devices as “harmful” to the internet, and perhaps allow internet service providers block them or prevent manufacturers from selling them in the US” reports Mortherboard.