The US Department of Commerce and the Department of Homeland Security have released a draft report on 'Enhancing the Resilience of the Internet and Communications Ecosystem Against Botnets and Other Automated, Distributed Threats'. The report comes in response to President Trump's Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure (from May 2017). It looks at challenges and opportunities in reducing the botnet threats that 'capitalise on the sheer number of Internet of Things devices', with goals related to a more secure technology marketplace, innovations in network infrastructure and applications, coalitions among security and technical communities on national and international level, and awareness and education. It outlines several recommendations, such as: establish broadly accepted baseline security profiles for IoT devices in home and industrial applications, and promote international adoption through bilateral arrangements and the use of international standards including IPv6 implementation; more efforts from the industry to develop innovative solutions for preventing and mitigating distributed threats; collaboration between government and industry to ensure existing best practices, frameworks, and guidelines relevant to IoT are more widely adopted; and promoting the international adoption of best practices and relevant tools through bilateral and multilateral international engagement efforts. The report is open for public comment until mid February 2018.
The Internet of Things (IoT) includes a wide range of Internet-connected devices, from highly digitalised cars, home appliances (e.g. fridges), and smart watches, to digitalised clothes that can monitor health. IoT devices are often connected in wide-systems, typically described as 'smart houses' or 'smart cities'.
Cybersecurity is among the main concerns of governments, Internet users, technical and business communities. Cyberthreats and cyberattacks are on the increase, and so is the extent of the financial loss.
Yet, when the Internet was first invented, security was not a concern for the inventors. In fact, the Internet was originally designed for use by a closed circle of (mainly) academics. Communication among its users was open.
Cybersecurity came into sharper focus with the Internet expansion beyond the circle of the Internet pioneers. The Internet reiterated the old truism that technology can be both enabling and threatening. What can be used to the advantage of society can also be used to its disadvantage.