In the brave new world of cyber challenges, everything can be a threat. Even your hearing aids, as the director of national intelligence discovered.
DNI head James Clapper told a Washington audience Wednesday that the intelligence community is grappling with the “internet of things” — devices and appliances that can be wirelessly connected to the web and can provide access for hackers or foreign spies.
Even his hearing aids required a security waiver, because they use Bluetooth technology, Clapper said.
“How’s our workforce going to be affected when even our clothes are interconnected,” Clapper said at at the Bipartisan Policy Center, “and when doctor’s regularly prescribe wireless monitors for health conditions?”
“Even now,” he added, “I need security waiver for my hearing aids which have Bluetooth connectivity.”
The intelligence community is trying to figure out how it should operate on a wireless basis, Clapper said, in ways that are secure. It’s a particular challenge “in terms of dealing with millennials who are quite used to that,” he added.
“We’re trying to come up with a policy on this, some governance that is consistent across the enterprise, that at the same time will allow for latitude for technology to change — because it will,” he said.
The country’s top intelligence official said that as the internet of things grows more common, the 10.3 billion end points now in existence are expected to mushroom to 29.5 billion by 2020 in an industry that will be worth $1.7 trillion.
“This has huge implications for cyber security,” Clapper said. He offered another example of how complicated this could make life for spies.
During a standard sweep of a new facility, some of his security staff discovered several wireless signals “transmitting out into the world,” Clapper recalled. “Of course, for us, that conjures concern,” and the possibility of a foreign intelligence agency at work.
When the security group located the source of the signals, “they were relieved to discover the signals were not from foreign intelligence bugs placed in the facility,” Clapper said. “They came from vending machines trying to tell the distributor they were empty.”
Now, he said, he and his staff know to look for and mitigate the vending machines. That experience “conjures up questions about how the internet of things might affect the intelligence community” and is forcing them to ask themselves about potential weak points, he said.
“The internet of things presents lots of vulnerabilities,” Clapper said.
