If calculated from the “ARPANET” founded by the U.S. Department of defense in 1969, the Internet has just gone through half a century. From the early LAN to the “Internet of things” of “everything is media and everything is interconnected” in the 5g era, this revolutionary technology has brought unimaginable convenience and quickness to the whole world in the past, and has become an indispensable “blessing” to promote human development and social progress.
After more than 40 years of rapid development of the Internet, human desire to “connect everything” has not stopped. From web 1.0, Web 2.0 to mobile Internet, the Internet has fully interconnected people. In order to further expand the information world and strengthen human response to the material world, a new network designed to connect people and things, things and things came into being. The official birth of the Internet of things was between 2008 and 2009. For the first time, the connection of things surpassed human interconnection in scale. Since then, the Internet of things has gradually been regarded as a necessary way to break through the limitations of the Internet and explore new economic growth points. The European Union, the United States and China have successively raised the development of the Internet of things to the national or regional priority strategic level.
The breakthrough of communication technology represented by 5g has accelerated the speed of data transmission and processing in human society. With more and more frequent contact and connection between users and devices, human communication has entered the era of Internet of things. According to the report of Gartner consulting company, the Internet of things presents an “explosive” development trend. At present, nearly 5 billion objects in the world have been interconnected. It is predicted that by 2020, the market capacity of the global Internet of things will reach US $2.2 trillion.
The Internet of things has brought human society into an era of intelligent media with progress, efficiency and opportunities. But at the same time, this attribute of “interconnection of all things” of the Internet of things is also easy to make network attacks have an unprecedented “chain effect”, showing the characteristics of “the more connected, the more fragile”. In September 2017, Internet of things security research company (armis) designed a set of attack vectors (blueborne) by using eight “zero day vulnerabilities” in Bluetooth protocol, and built a “botnet” in the experiment to take over all kinds of Bluetooth enabled devices and spread malicious software. According to the person in charge of the experiment, if hackers use these eight vulnerabilities to maliciously attack Bluetooth devices, the number of affected devices will reach 5.3 billion, which is difficult to escape for both common smart devices and new Internet of things devices in the current market.
In fact, whether it is the Internet or the Internet of things, its operation is based on data. Data is not only a means for computers to execute human instructions, but also an “information” bridge between different devices. The evolution of the Internet to the Internet of things is largely driven by the exponential expansion of data. According to statistics, in the three years from 2015 to 2017, the amount of data generated by human beings far exceeded the sum of the past 40000 years. Mankind has been in the era of “data ocean”. However, with the increasing correlation between data, human security is becoming more and more “fragile”. Once a single data is leaked, it is likely to be a “domino” chain crisis. The outbreak of “Facebook data disclosure door” in 2018 has attracted the attention of global public opinion.
Bruce Schneier, an American network security expert, published a best-selling book “click here to kill everyone: security and survival in a super connected world” in 2018. The author is a researcher at Harvard University and chief technology officer in charge of IBM emergency response. The book depicts the end of the era of the Internet of things: killing people with computers, crashing cars, paralyzing power plants, using biological printers to cause epidemics, and so on. When everything is connected, everything is a “computer”, which indicates that everything can be a “murder weapon”. Technically, it can indeed kill everyone by pressing the mouse. Although Schneier also believes that the title of his book is suspected of “title party”, he hopes to arouse people’s attention to the negative effects of the Internet of things. In the era of “everything is computer”, everything can be a “murder weapon”. When different terminals are interconnected, they also “transfer the risk originally borne by a single terminal to other terminals in the network in an equal amount”, which further amplifies the risk of “the more connected, the more fragile” in the Internet era into “everything is a murderer” in the Internet of things era.
Microsoft’s report shows that governments, enterprises and social organizations around the world pay an average of $4 billion a year for the losses caused by cyber attacks, and this number will continue to grow. In the 5g era of unprecedented enhancement of data mobility and rapid expansion of attack surface, how to effectively ensure the security of the Internet of things has become an urgent task.
To maintain the security of the Internet of things in the 5g era, we need to completely break the mindset of “decentralization” in the Internet era, strengthen overall coordination and comprehensive guarantee from multiple dimensions such as equipment, data, algorithms, network connection and infrastructure. Formulating unified standards is the premise of strengthening security. Therefore, Schneier proposed ten principles that should be considered when formulating standards: transparent data management, repairable software, pre product testing, allowing users to adjust default security operations, predictable and preventable system failures, using standardized protocols and rules, avoiding known vulnerabilities, maintaining offline functions, encrypting and authenticating data Governments and enterprises should fund research projects related to network security, etc. The above ten principles have strong operability and reference significance.
Government departments should earnestly fulfill the main responsibility of ensuring the security of the Internet of things, strengthen cooperation with Internet enterprises, and establish an effective “technology + policy” collaborative management mechanism. The regulatory authorities should consider the safety standards into the market access threshold, and force Internet enterprises to make safety protection a top priority through the “severe law” as in the past to deal with major safety responsibility accidents such as mining accidents and food and drugs. For ordinary Internet users, they should strengthen their “digital literacy”, enhance their discrimination against cyber crimes, and more actively protect their own data security.
From the Internet to the Internet of things, technological progress has brought unprecedented freedom and convenience to human society. At the same time, it has also led to unprecedented risks and challenges, and may even set off unimaginable “waves”, even threatening the life and death of the whole mankind. With the increasing popularity of 5g technology, the importance of Internet of things security mechanism construction is becoming more and more prominent. How to ensure that the Internet of things can become a “blessing weapon” conducive to the construction of a community of human destiny and will not change into a “murder weapon” that “click to kill everyone”, which is an urgent issue in front of the government, enterprises and the public in the 5g era, and we need to face it hand in hand.
Editor in charge: Tzh