CNN: International, Final Report. Wednesday, December 25th, 2019 : The events that have unfolded in the last 72 hours have devastated the entire civilized world, and have left society as we know it on the brink of collapse. I’m told that our networks are now shutting down, and that the report I am about to file will be likely be the final one of its kind. So, I must consider this an historical record, and shall publish this report in that context.
In what has clearly been a well-coordinated attack by a global band of highly-organized cyber-terrorists, the connected world has come crashing down ushering in what many are calling the Internet of Things Armageddon.
The first attacks which caused massive outages were focused on the EU, Russian, Chinese, and Western Hemisphere power grids. Efforts to restore electrical energy to the grid were thwarted as each successful restoration was quickly taken down with a new series of attacks that again turned the world’s most powerful and wealthy regions into seas of darkness. Early reports suggested that the attacks originated in the East but more recent assessments concluded that a home-grown, highly-organized, terrorist element was responsible for the coordinated attack. In essence, machines programmed for mass destruction of the grid attacked machines woefully unequipped to protect it.
Back-up power supply was very quickly exhausted, and soon other countries throughout the planet were plunged into a state of permanent darkness.
Crime spiked dramatically but soon, as the impact of what was happening set in, thoughts turned to survival at any cost. It was not to be, as the cyberterrorist group next turned its attention to the world’s water supply. Easily penetrating security protocols that originated in the 1990’s, hackers shut down water distribution, and in selected regions diverted contaminants into the water supply, rendering our most vital resource unsafe to consume. Many who did became critically ill, and the death toll mounted worldwide. Freshwater lakes and rivers, previously reserved for adventure tours, quickly became go-to survivor destinations and were eventually overwhelmed with migrant travelers, all of whom were fighting to survive.
Most arrived on foot, living off the land en route, as the world’s fuel supply had been shut down on many levels. Vehicles dotted the highways, out of fuel or energy and unable to transport their occupants to safe havens. Planes stopped flying. Trains stopped running.
With food production and distribution permanently suspended world-wide, only those with outdoor survival skills are expected to endure. Expectations are that the world’s population will dwindle from its current 8 Billion to 500 million, levels last seen in the early 1600’s.
As I write this I have been informed that the cyberterrorists have accessed major nuclear facilities and have selectively restored power at these locations, enough to launch missiles aimed at major cities in every corner of the planet.
It appears now that those often seen carrying placards with the ominous message, “The End is Near,” are finally right. And the irony is that the very thing that ushered in unfathomable advances in civilization – technology – is the thing that also will return our world to the dark ages.
If only we had listened to those that told us repeatedly that the lack of ironclad security in our connected world was a global Achilles heel…
Over and out…
Author’s Note: The above fictional account is intended to shock those who read it, and ideally to create a groundswell movement that says things need to change and fast. We are collectively ignoring the dangerous vulnerabilities that characterize our connected world, rendering the horrible events depicted above a very real possibility. We cannot continue to rely on security protocols developed in the 90’s and repeatedly proven to be ineffective in keeping cyberterrorists at bay.
I’m not alone in my thinking. Late last year, Director of US National Intelligence, James Clapper, and several other U.S. Intelligence Community executives testified before a congressional committee on worldwide cyber threats, and their national and economic security implications.
According to Clapper, cyber threats to the U.S. are increasing in frequency, scale, sophistication, and severity of impact, and nearly all information communication technologies and information technology networks and systems are at risk. “These weaknesses,”he explained, “provide an array of possibilities for nefarious activity by cyber threat actors.”
And the US is not the only part of the world under attack. The problem is global, and must be addressed and soon, before predictions made by esteemed leaders in the crypto community like Napier University’s Professor Bill Buchanan, come true. Buchanan writes:
“One day, and I think it might be soon, we will wake up and RSA will be cracked. Either it will be super computers cracking the prime numbers, or it will be quantum computers, but when it happens there will be no proper identity on the Web and all the tunnels will be broken…”
If Buchanan is right, and I and many others believe he is, the companies that are best suited to fix this problem need to aggressively step up before it’s too late. I’m talking the big guys who have long touted PKI as the technology that can safely secure our e-world.
It can’t. Not anymore.
It’s time to openly acknowledge the embedded vulnerabilities in this 1990’s technology and stop using them, in favour of rapidly adopting crypto schemas that aren’t susceptible to outside threats. And if that means losing top-line revenues, and hurting the bottom line while you transition to safe crypto schemas, that’s a price that I believe needs to be paid. In fact, it must be paid as the consequences of maintaining the status quo are just too severe.
And now the good news…introducing IBE 3.0
Fortunately, there is proven technology which was improved in recent years that can protect our connected world from outside threats. Identity-Based Encryption (IBE) 3.0
IBE 3.0 is an evolution of Identity-based Encryption, standardized crypto technology developed by Adi Shamir (he is the ‘S’ in RSA) in 1984, improved in the late 1990’s by Stanford research, and commercialized as IBE 2.0 by Voltage Security, now an HP company. IBE 3.0 was developed and then patented in 2014 by Connect in Private (CIP), and is offered under the brand CLAE.
Pascal Pallier, the former Head of Cryptography and Innovation at Gemalto Security Labs states:
“CLAE achieves in a single cryptographic function all the ultimate functionalities that one can expect from a modern encryption mechanism. It supports authentication at no extra cost, and the certificate-less feature makes it easy to integrate in pre-existing applications. CLAE is basically what secure applications need, regardless of whether people are even aware that such technology exists and is available.”
CLAE is not a security solution, per se, but a “cryptographic ingredient” that can be baked into any offering. It is ideal for any company or service provider that is striving to economically and easily secure applications and services. CLAE provides all the benefits of IBE 2.0, and significantly more, including end-to-end security, authentication at the application layer, and greatly simplified set up and maintenance.
Most importantly, when RSA and ECC are cracked,CLAE will still be standing.
For more information on IBE 3.0/CLAE, please send me an email message – bill@connectinprivate.com
Next Generation of Systems Design at Siemens