The New Age of Digital Transformation
How to make the right connections for the world’s fourth industrial revolution
As we stand on the cusp of a profound technological transformation, industries of all types are searching for that most human of things: trust.
We are at the threshold of the New Age of Digital Transformation. The world’s fourth industrial revolution is almost upon us, and it has the potential to be the most disruptive – and dangerous – yet.
The first industrial revolution, in Europe and America, took place in the 18th and 19th centuries, as we moved from agrarian, rural communities to an industrialised, urban society.
The second, characterised by new mass production techniques, the introduction of electricity and rapid innovation, took place just before World War 1.
The third began in the 1980s, as the world progressed from analogue to digital technologies. We are now in the age of computers and connectivity. But everything we’ve done to date will, in the not-too-distant future, be seen as mere baby steps on the road to our next transition.
The world’s fourth (impending) revolution is being driven by new and emerging technological breakthroughs in areas such as big data, the Internet of Things, artificial intelligence, inexpensive sensors, driverless cars and other autonomous systems.
Add to the mix advances in robotics, 3D printing, quantum computing and nanotechnology, and we start to get some hints about the shape of the future. It’s breathtaking. This is the age in which it all comes together. This is the age where everything will be connected.
Building on trust
Projected timelines for widespread digital transformation vary considerably. Depending on who you talk to and which industry is being discussed, you’ll hear estimates ranging from a few years to more than a decade. No one really knows.
But one thing is for sure: none of it can happen unless and until we can trust the data that connected devices are capturing, processing and sharing. And before you can trust the data, you have to be sure of the source.
If we are to fully embrace the future, we will need some kind of warrant - a guarantee - of the identity of our connected devices. Otherwise, the risk of a system being compromised is simply too great.
The age of digital information is also the age of cyber-attacks. And whenever we reach out to mine rich new seams of data, and the more connected we are to the world outside, the more we vulnerable we become.
Self-driving vehicles are an excellent example. It can’t have escaped your attention that manufacturers across the automotive industry are pouring money into research and development as they chase the dream of driverless cars. The unspoken truth is that we are not ready yet.
Fixing the vulnerabilities of today, before we look to the future
In 2017, Computerworld Magazine was one of the first journals to report on research by Argus Cyber Security, whose technicians found two security flaws in a well-known brand of car.
One of these flaws allowed them to send unauthorized messages to the car over a Bluetooth® connection, and the other was a vulnerability in the authentication process. Argus researchers were able to take control of the car and stop its engine.
This was in carefully controlled conditions. Worryingly, however, the pair concluded:
“If an attacker were to implement this attack method in the wild, we estimate that he could cause physical effects on most vehicles on the road today.”
Earlier this year, researchers discovered multiple vulnerabilities in other makes of car. In one case, the ‘attacker’ was able to remotely access the microphone, speakers, and navigation system. That doesn’t sound too serious until you consider the potential for eavesdropping on private conversations and tracking a car’s location minute by minute.
Other current makes have been hacked in the name of research and, on at least one occasion, control of the brakes and steering was taken over from a distance of 12 miles.
None of this research involved prototypes of self-driving cars. Theses particular vulnerabilities were revealed on mainstream production vehicles which make use of Bluetooth® and WiFi for the greater convenience of the driver and passengers. The threat is real. The risk is now.
Security for a more connected age
Hacking cars is nothing new. It has been accomplished with varying degrees of success over the past few years (although it does seem to be getting easier – or at least more frequent) as automotive technology advances.
Also, it should be recorded here that the vulnerabilities were swiftly fixed by the manufacturer, through software updates. But:
A) In the first place, it simply should not be possible to take remote control of a production car, and
B) Such security flaws are not limited to the automotive sector. They can creep into any technology that is ‘connected’. And, in the future, that’s likely to be pretty much everything.
So what’s the answer?
It is perfectly possible to embed ‘identity warrants’ which provide connectable devices with cryptographic credentials, giving each one a unique and unalterable identity. This can already be done as part of the manufacturing process and provides a means to not only authenticate devices but to manage security throughout their lifetimes.
The mechanisms for establishing the digital identity can vary from the use of unclonable features of silicon devices to the injection of private keys into tamper-resistant zones within hardware devices. But, regardless of the method. the result is always the same: it becomes all but impossible for the connecting device to be modified or cloned.
The benefits are clear and tailor-made for a more connected world. If we can prove the identity of every connected device, we can:
- Ensure that only genuine software is running on the users’ devices
- Perform remote software upgrades without compromising security
- Monitor connected devices and carry out preventative maintenance
- Collect and analyse usage information
- Negate the threat of unauthorised production runs and unapproved code
- Securely collaborate with third party service providers and partners
Commercial enterprises, governments, public enterprises, healthcare services, the military, the emergency services, and you and I and everyone you know, stand to benefit from the new Age of Digital Transformation - providing we can get there safely.
Cyber-attacks are part of everyday life. Perhaps they always will be. But let’s not allow them to kill off the fourth and greatest industrial revolution that the world has ever seen, before it is even born.