It was your classic Silicon Valley vacuity treated as gospel. Last year Jeff Bezos, the Amazon founder, described how he stays at the top of the tech tree. “You have to always be leaning in to the future. If you’re leaning away from the future, the future is going to win every time. Never, ever lean away from the future.”
Most of us want to “lean in” to the future, don’t we? So it’s clever, the way the gods of technology have co-opted a shining-city-on-a-hill vision of “the future” and elided it with the stuff they sell. To reject their products is to reject the future itself. So pervasive is Californian tech utopianism, so fervently is it believed that new technology is an innately Good Thing, that anyone sounding the alarm at fresh developments is held to be a Luddite — and who wants to be one of them? Who wants to be the Colonel Blimp pulling pathetically at the hands of the clock?
But the future is not to be “leaned into” or “leaned away” from, it is only delivered to us in seconds, minutes and hours; and those of us with concerns about aspects of technological change should be more assertive about how that future is shaped, whether we are labelled Luddite or not. Especially when those concerns relate to security.
As we begin 2017 there are two major technology stories which are closely related but rarely mentioned in connection with each other.
The first is the increasing severity of cyber attacks, from the hacking, phishing and scamming of citizens to major international upsets: the raid on Sony, the attack in Ukraine which caused a major power outage, the infiltration of the US Democratic Party’s email servers. Obama’s decision last week to expel Russian diplomats in the wake of cyber attacks marked the hottest point yet in the Code War. How silently, how relentlessly the hostile powers, terrorists and criminals work against us in the ether. Each year the barriers to entry for hacking get lower, with online marketplaces springing up where people can buy all the elements needed for an attack. Malware to wipe thousands of computers half a world away: add to basket.
The second story is how we are blithely allowing the deeper penetration of connected technology into our physical environment: driverless cars on our roads; commercial drones in our skies; the so-called “internet of things” in our homes — networked devices like smart TVs or heating systems that are linked to the internet. Driverless cars are set to be tested on UK motorways this year. Last month Amazon made its first commercial drone delivery over the Cambridgeshire countryside. The internet of things is already here, with conservative estimates of 30billion connected devices by 2020.
So here, in case it is not screamingly obvious, is the line between these two stories. While furiously fighting on all fronts to defend ourselves from cyber attack, we are rapidly opening up new fronts through which we can be attacked. While GCHQ plays a relentless and expensive game of whack-a-mole to shut down the hacks, we are weaving more hackable technology into the warp and weft of our physical world — and the deeper the penetration, the more vulnerable we become. As Marcus Ranum, one of the early innovators of the computer firewall, puts it: “The nations that are most at risk of a destructive digital attack are the ones with the greatest connectivity.”
Of course, we will be airily assured that security precautions will be taken; that anything making it into the mainstream will be virtually unhackable. But numerous recent hacks suggest that where a device is connected, unhackable is near impossible.
In 2012 students from the University of Texas managed to hack drones operated by the Department of Homeland Security. When they informed officials of the vulnerability, they were told the drones could not be hacked — and only believed when they demonstrated they could steer one of them off course with kit costing less than $1,000. Their professor warned afterwards that “in five or ten years we’ve got 30,000 drones inhabiting the national airspace … each one of these could be a potential missile to be used against us.”
In 2015, hackers worked out how to cut the transmission of a Jeep being driven at speed miles away — sparking a recall of 1.4million cars. Autonomous vehicles will need a high level of connectivity in order to detect each other: vehicle-to-vehicle communication which — if hacked by terrorists — could cause carnage. Cyber experts routinely talk of “ransomware” attacks in which driverless cars will be hijacked, with a ransom demanded to avert disaster.
As for the internet of things, a huge attack last October revealed the potential for chaos. Hackers used connected home devices like printers and webcams as gateways to flood networks with malicious software, bringing down Twitter, PayPal and other sites for hours. It is only a matter of time before malign actors use these routes to cause real-world destruction, such as fires — indeed it happened to a German steel mill in 2014, when hackers targeted their computers and caused a devastating furnace blast.
“Ah, chill out”, those future embracers say: “the technology is new; vulnerabilities will be designed out over time.” But if governments, armed forces and major corporates can’t escape hacking, this seems a foolhardy assumption. The fact is that we are dramatically increasing what techies would call our “attack surface area” with very little debate. And for what? True, driverless cars have been promised to reduce road deaths. But do we really need drones to get our Amazon deliveries into our hot little hands within an hour of ordering? Do we need our fridges to alert us that we need more milk? Is a modicum of extra convenience worth it for the huge security risks a more connected world brings?
“The internet revolution has come upon us so swiftly” said Henry Kissinger, “that nobody has yet worked out how to control it, or even to comprehend its consequences for mankind.” No government wants to look anything but starry-eyed about new technology. They want to be seen to “lean in” to the future. But it is their urgent duty to ask more searching questions about the consequences for mankind. While blind opposition to progress is foolish, opposition to blind “progress” is eminently sensible — and right now we could do with more of it.
Clare Foges is a former speech writer for David Cameron.