Hacking through security systems began long before the rise of the Internet, but the online environment that took form in the 1990s begat new forms of hacking, information theft and purely malicious mayhem.
Now cloud and wireless technologies have opened grim new worlds of cybersecurity threats. Aside from computers, potential sources of information breaches include smartphones, tablets, medical devices and automobiles, including conventional and autonomous vehicles.
Paul McGough, founder and CTO of Qwyit LLC, gave TheStreet a rundown on the importance of encryption and its applications in areas that were not an issue 20 years ago.
Manassas, Va.-based Qwyit maintains that while cryptography has long made it possible to create an unbreakable code, the situation changed significantly when encryption was employed in enterprise environments with many users.
Originally, it was possible to pre-share a one-time key, or one-time pad (OTP). But as enterprise applications developed, the key distribution technology systems became more a form of authentication rather than actual encryption.
Qwyit has developed a system that provides authentication and single-use encryption keys.
McGough believes that current encryption approaches are not up to today's challenges. A number of massive information hacks in corporate and government information systems confirm his thesis.
Hacking is an ongoing issue in the U.S. electoral system as 2018 elections approach.
One area no one was concerned about in the days of Netscape was self-driving vehicles, which didn't exist back in the day.
Now we have them, and a recent pedestrian fatality illustrated the dangers of autonomous driving technology.
"Within the last two years, there have been major publications of vehicle control system hacking where researchers have actually taken control of moving driver-driven vehicles," McGough said.
"This is, to say the least, about as nightmarish as it gets," McGough said.
"The security is so lax that someone can actually control your car against your will. Now here's a real horror story—I haven't read a single article in those same two years with regard to the security of autonomous vehicles! Lots and lots of stories about how they are going to revolutionize travel—and all I can think of is how they are going to revolutionize hacking ... entire fleets of autonomous cars just tootling around, wherever any 13-year old wants! Better get out of the way!
"There is no greater risk to the acceptance of this revolutionary AI next-step commuter's dream than having security systems from the 1970s—just one single hacked crash fatality will, rightly, destroy the multi-billion industry before it even begins," according to McGough.
One of the other new horizons for hacking lies in the field of wireless medical data.
For decades, heart patients wore Holter devices that recorded a few days of data on a device that had to be downloaded at a physician's office. Now wireless devices transmit heart, blood glucose and other data to doctors and third-parties.
"One of the most crucial aspects of technology in healthcare, is integrated life-saving device management—pace makers, oxygen monitors, et cetera," McGough said.
"All need 24/7 connectivity to hospital staff, doctors, family and care providers. Can you imagine the horror of life-threatening network attacks, device hacking, and other types of signal intrusion?"
In this area, McGough suggests a variety of mission critical needs: fast performance, broadband capability, storage and messaging traffic efficiency, flexible trust models to include providers and family, simplicity of operation across the entire user community and end-to-end unbreakable encryption.
"These simply don't exist in the current security technology products, but they are the trademark of our Qwyit technology," McGough said. "The entirety of the healthcare data transaction and messaging architecture needs end-to-end unbreakable communication."
The same is true of financial transactions and blockchain, according to McGough.
Here he sees a lack of security measures in blockchain companies as the result of trying to maintain a bit too much convenience for users, according to an article he recently posted.
"They are being hacked because of their position in the transaction chain. Such a wonderful place to watch all of the decentralized transactions becoming ... naturalized," McGough said.
"In order to accommodate your trust, they don't want to alienate you with 'too much security stuff' because, first, you don't have that expectation like you do from the cultural conditioning you've received from a real bank; and second, they don't want to raise the convenience bar too high or you'll take your business elsewhere."
More generally, legacy information systems with security holes-in-the-armor could pose many problems.
"Defunct information systems could pose very serious network security issues if any vestiges of connectivity to current, live systems exist," McGough said.
"This doesn't even require active network nodes—just the ability to somehow access some part of the defunct system, and leave 'code instructions' that might be accessed in a database, or access to old email addresses where passwords my lie hidden that will work in the new system," McGough said.
"The possibilities," McGough said, "are endless and difficult to control-especially since these systems are no longer actively under network maintenance procedures and policies. Physical deconstruction of these systems is required to permanently disconnect them, and eliminate the threats."