Posted on 2017-01-30
A few years ago, Andy Greenberg, a writer for the mostly tech-oriented magazine WIRED, wrote a piece in which he presented two researchers, Charlie Miller and Chris Valasek, who were able to hack vehicles. Greenberg accepted to be the "victim" of a hack. In his article, he described the feeling of powerlessness he felt during the event, and later he elaborated on the potential dangers that could result if such hacks could occur.
In the fall of 2016, a distributed denial-of-service (DDoS) attack was directed at Dyn, a DNS provider (DNS is what allows a numerical-only IP address to be converted into a human-readable website URL). This meant that well-known sites and services (e.g. Twitter, Netflix) were not available during that time. It is currently believed and accepted that the attack was caused by infected network-enabled devices–also known as Internet of Things, or IoT–, such as printers, cameras, and other home devices.
Both the situations presented above could have been avoided. The vehicle hack was done thanks to a zero-day exploit, which means that the code produced by the car builders included a security flaw on release. The DDoS happened because the IoT devices were infected with a malware. While the former should have been handled ahead of time by the engineers that built the cars, the latter is generally believed to be the responsibility of the devices owners.
While these events can be inconvenient, even dangerous, they don't even compare to a potential upcoming threat: health hacking.