CIA chief says internet-connected appliances are ‘worrisome’ new threat

CIA Director John Brennan says that connected appliances and networked vehicles will make the agency’s job harder – with more systems to protect, and more platforms which could be used to launch attacks.

Network World reports that Brennan, speaking at President Barack Obama’s Associates Dinner at the University of Oklahoma said that cyber issues were becoming increasingly central to the CIA’s mission, and that Brennan said, “We also are concerned that new vulnerabilities will develop as cars, home appliances, and other physical objects become more integrated into information networks.”

“As we move closer to what some are calling an “Internet of Things,” there will be more devices and systems to protect—and, equally worrisome, more that can be used to launch attacks.”

As part of a wide-ranging speech, Brennan said that the rapid pace of change in technology made the job of the CIA “challenging”. The CIA’s official transcript of the speech can be read here.

“Cyber security was part of my portfolio when I served at the White House, and I must admit that after a while, just hearing the word “cyber” was enough to make my head hurt,” Brennan said.

“Part of what makes cyber so challenging is that technology is changing so rapidly—and society along with it,” Brennan said,. “In many respects, the world is transforming itself before our eyes, as more and more human activity migrates to the Internet.”

“This has profound implications not only for how each of us conducts our daily lives, but also for the way CIA carries out its mission. Terrorists, criminal networks, weapons proliferators, state actors—all of them are entrenched in the digital domain.”

Various cases have shown that devices belonging to the so-called ‘internet of things’ are vulnerable – this month, it was revealed that Belkin’s WeMo home automation systems contained multiple vulnerabilities which could allow attackers to remotely control devices attached to a WeMo system – for instance, blacking out lighting in a home, or remotely monitor devices such as security cameras, as reported by WeLiveSecurity here.

Several security researchers have shown off ‘hacks’ which can remotely take over the software in vehicles – and CNBC described such attacks as potentially forming a new “global cybercrime wave.”
At this year’s Consumer Electronics Show (CES) in Las Vegas, ‘smart homes’ were clearly a big trend on the show floor – and much debate was ignited about their security.
The normally sober BBC warned, “In the future, it might not just be your smartphone that leaks personal and private data, it might be your smart fridge too.”

But ESET Senior Research Fellow David Harley said in a commentary post at the time, “It may be a little early to worry too much about what your fridge or your medicine cupboard is able to reveal to a hacker about your eating habits and the state of your health,” Harley says.

“After all, there are all too many more direct ways for retailers, insurance companies, and pharmaceutical companies to get that sort of information. (And those are issues more people should be worried about.)”