Israel Cyber Week With insecure computers in charge, the healthcare and transportation sectors have become a nexus of security problems, infosec veteran Bruce Schneier warned delegates at Israel Cyber Week.
Schneier said that confidentiality attacks, such as leaks of personal information, are being replaced by more dangerous integrity and availability attacks.
Schneier told El Reg after his speech: "Everybody understands what might happen if your pacemaker is hacked and it delivers a lethal charge, but what if I took over some inter-connected robot toy and tripped you in your house? It's a little more subtle.
"Cars and medical devices are the near-term examples that are very evocative."
This poses some tough challenges for security engineering, namely: how to update systems that have an effect on the physical world in near real time; and how to deliver authentication at scale as millions of devices are connected to the internet; and broken supply chain security.
"Security is failing just as technology is becoming autonomous... and more important," Schneier told the conference in Tel Aviv on Thursday, adding that a "perfect storm" was brewing on the horizon.
Schneier's speech focused on the security of IoT devices, a topic he has done much to raise awareness about of late. His forthcoming book, Click Here To Kill Everybody, out September, is due to both address these problems and propose potential solutions.
Technology is only one of many components that needs to be brought together to fix the problem. Regulations, liabilities and competition also need to be thrown into the mix, Schneier argued. ®