DARPA: Nothing on the Internet is secure, including cars

We are probably mostly aware of how the Internet has certain holes when it comes to security and privacy. But when the man in charge of hardening the US Department of Defense's computer networks and the Internet in general says that there is no real security on the Internet, people better take heed. Everything that we connect to the world-wide network can be open to attack, and these days, that almost literally means everything, from smartphones, to thermostats, to doorbells, and yes, even cars.

Dan Kaufman is the head of the Information Innovation Office of DARPA or the Defense Advanced Research Projects Agency. DARPA, and Kaufman in particular, is working on trying to fix security vulnerabilities in small devices that have started to be called the "Internet of Things" or IoT. It is almost fitting that DARPA head this effort, as DARPA's ARPA-Net is the precursor of Internet that we know today.

There is nothing fundamentally broken with the Internet, says Kaufman. It just wasn't designed with the kind of cyberattacks that we see today. ARPA-Net started out more as a research tool than a lifestyle that it has become today. What is broken, according to Kaufman, are the things we put on the Internet, the devices that we connect to the network. These devices, especially the smaller ones that make up the Internet of Things, aren't exactly reliable in terms of security. And sometimes, in the rush to adopt new technologies, some device makers, even car makers, seem to put security as the last item in their checklist, with possible life-threatening consequences.

To prove the point, Kaufman subjected reporter Lesley Stahl's "smart car" to the test. It was a piece of cake to hack the car and gain control of its functions, even going so far as taking over braking mechanisms. In a real-world scenario, this is can be very frightening. This pretty much echoes the concerns that US Senator Ed Markey put forward regarding security in such connected vehicles. He proposes drawing up and enforcing government regulations and standards that will ensure the cars of the future will be secure and safe from hacking.

DARPA and Kaufman are developing "unhackable software" primarily to secure the military's own drones but can also be used for the Internet of Things. The prototype software will enable the military to identify compromised computers in its own network and remotely shut it down from anywhere in the world. Of course, if applied outside military use, the software could also bring up questions of privacy and fears that the tool itself can be used for evil.