How Fake Data Threatens Your Connected Home and Car

SAN FRANCISCO — In a world where data drives business, political and military decisions, falsified data has become a weapon, Intel Security Group head Christopher Young told the RSA Conference here this week.

Credit: Jamesteohart/Shutterstock

(Image credit: Jamesteohart/Shutterstock)

"Data drives decisions, but decisions drive world history.  Stolen and manipulated data was used to hijack our election," Young said. "Data land mines, properly placed, can make it difficult to make good decisions."

To combat what Young called the "weaponization" of data, he urged competing cybersecurity companies to work together toward the common goal of making sure that the data reaching not only decision-makers, but owners of smart-home devices and drivers of connected cars, is true and untainted.

MORE: Best Antivirus Software and Apps

"A year ago, we made up headlines that we thought could be fake news," he said, playing a prescient clip of himself at last year's RSA Conference, in which he theorized about a cyberattack on the 2016 U.S. presidential election. "Now, I didn't expect to be right about that."

"Data is now more than just 24-hour news cycles. It's becoming the bedrock of our economy," Young added. "Data-driven models determine decisions. If that data is manipulated, it can be turned into a weapon."

Not only are American leaders vulnerable to falsified data, he said, but so are users of data-intensive technology such as smart cars and smart-home devices, otherwise known as the Internet of Things or IoT.

"We know an autonomous vehicle can be hacked" with false data, Young said. "But we're going to have thousands of them on the road soon. And what about going after the traffic systems themselves through the injection of false data?"

"Another big attack target is the home," he said. "Those homes have sophisticated devices that can be used to launch more sophisticated attacks.  How many of us take the home into account when we design our cybersecurity tools and architecture?"

Referring to the Mirai botnet of hijacked internet-connected digital video recorders, which was used to cause widespread connectivity problems in October 2016, Young reminded the audience that "Mirai means 'future' in Japanese, and it's pointing to where we're headed."

"The Mirai botnet is alive and well and recruiting drones to be used in its next attack," he said. "We have to make sure that the IoT doesn't become the Internet of Terrorism." 

To combat this trend, Young said the hundreds of cybersecurity companies jostling for exposure and sales at RSA should join forces to stop the falsification of data.  He made an analogy to the 1992 U.S. Olympic men's basketball "Dream Team," in which star professional players such as Michael Jordan, Magic Johnson and Larry Bird set aside their competitiveness and won a gold medal.

"Magic Johnson told me that 'we checked our egos at the door' to win that medal," Young said, adding that the security industry needs to follow the same lesson.

"We're better side by side," he said, "working together to reach a larger goal."

Paul Wagenseil

Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has also been a dishwasher, fry cook, long-haul driver, code monkey and video editor. He's been rooting around in the information-security space for more than 15 years at, SecurityNewsDaily, TechNewsDaily and Tom's Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random TV news spots and even moderated a panel discussion at the CEDIA home-technology conference. You can follow his rants on Twitter at @snd_wagenseil.