When the first electronic computers where being developed in the 1950s, and the internet’s predecessor ARPANET handled its first message—“login”—it is likely that their inventors knew what a useful tool they were building for themselves. But in the 60-some years that followed, computers have changed every aspect of society to an almost unfathomable degree. From banking to socializing to commerce, whole industries have migrated from physical locations to virtual ones. Some of today’s most successful companies have no physical services or presence at all. As influential as the computer has been for the last half-century, there are signs that the internet revolution has only just begun.
For the majority of their existence, all information on computers was there for human beings’ use. Humans would provide inputs to the computer, computers produced outputs. Innovations such as digital sensors began to allow computers to get their inputs from a source other than directly from a human. Graphical User Interfaces (GUIs), the icon-and-mouse based interactions modern computer users are most familiar with, allowed for computers to have more human friendly inputs and outputs. Until recently, most computers were doing things for humans. If a computer was running a program it was because someone, somewhere, wanted that program’s output for their own purposes. This is the Internet of People. The next step is the Internet of Things.
The essential idea behind the Internet of Things is that more and more information is being generated which is not intended for us, but rather for the use of the ever-multiplying host of technological gadgets which surround us. The world is being populated with sensors which observe and devices which adapt automatically. They are denizens of the internet just as much as we are, sending and receiving information, using that information to work smarter. They are “things”, and they are the new members of the net.
As more and more “Smart” devices—consumer goods such as cars, thermostats and refrigerators which have been impregnated with sensors and given an internet connection—hit the market tasked with quietly monitoring your life and adapting to suit you, the Internet of Things continues to grow. Perhaps the most important stage so far in the evolution of the Internet of Things is the creation of virtual presences for physical objects. Small, inexpensive Radio Frequency Identification (RFID) tags allow computers to track the physical location of tagged objects. Mobile phones, which are usually exclusive to one person, go even further. As a primary conduit of information for many people, phones have the ability to find and record the location, relationships and hobbies of their owner. Without any prompting from us, it would seem that we and our surroundings are becoming a part of the internet. On the one hand, this a fantastical process with great potential to improve our lives. On the other hand, it must be remembered that the internet is not always a friendly place.
As our lives become more technology and internet-centred, crime on the internet becomes an ever greater concern. Recent months have seen dozens of high-profile security breaches from Target losing the information of millions of credit cards to the Syrian Electronic Army shutting down hundreds of websites and hijacking social media accounts. Broadly known as cybercrime, this type of crime includes anything from stealing sensitive information, to shutting down or altering websites, to email scams such as the infamous Nigeria 419 scams. As the internet grows in both size and importance, the opportunities to commit cybercrime become more plentiful, and the rewards ever larger.
According to the Criminal Lawyer Group, crime on the internet changed drastically around the year 2000. Before, then most “crimes were committed by computer nerds who felt challenged to prove they could beat the system.” While a successful hack could result in a target losing money and be quite a headache, the potential for the hacker to make money was limited. After 2000, with ever more sensitivity information being stored online, the increasing popularity of online banking and shopping, it became more viable to make a profit by hacking someone’s system.
The internet has become such an important, irreplaceable tool for us that there is even a profit to be made in illegally removing our access to it. Last September, a new computer virus named CryptoLocker made headlines as it infected computers around the world, encrypting users’ files and then offering to unencrypted them for a fee. While it is estimated that only three percent of all users ever paid the ransom, the existence of such viruses, known as randsomware, shows that criminals think even ordinary users are willing to pay a hefty fee for the information that is stored on their computers.
In a similar vein, there is also money to be made in disabling websites and other online services. Known as a DoS, or Denial of Service attacks, this type of cybercrime involves sending an enormous number of requests to a server. The server, which can only handle so many requests at a time, can crash from the load or become unusably slow in fulfilling legitimate requests. The more common and powerful form of a DoS attack is known as a DDoS (Distributed Denial of Service) attack. DDoS attacks work just like DoS attacks, but the requests are sent from many computers, most likely at the will of a virus infecting the computer.
Earlier this month the website security firm CloudFlare reported that it had mitigated a 400 gigabit/second (50 gigabyte/second) DDoS attack, the largest to date. What is especially concerning about this attack is that it abused a fundamental part of internet infrastructure, the Network Time Protocol (NTP), highlighting the fact that the modern internet is still based on old, insecure protocols. The NTP is a way for devices such as computers to get the time from servers—known as NTP servers—which can keep very a accurate time. The problem with the protocol is twofold: First, a request to an NTP server is very small while the response from the server is much larger. Second, it is possible for a computer to request the time on the behalf of unrelated computer. The DDoS attack took advantage of the NTP to multiply the magnitude of their attack. Instead of directly bombarding their target server with requests, the DDoS computers sent requests to NTP servers, which responded with a larger message to the target server. The end result is that the target server receives a much larger attack than was originally sent.
Like it or not, the Internet of Things is here. Certainly, there are risks involved, but there is also the promise of a more connected, intelligent world. While you do not have to rush out embracing this future with open arms, it is probably best to at least recognize that the internet of tomorrow will not be the same as the one we are familiar with. We can make all the predictions we want. Some will turn out better than others, but all we can say for certain is: there will be change.
Leave a Reply