“No one is going to save us, so we have a job to do.”
When Josh Corman’s mum had a stroke, he thought it would primarily affect her speech. It ultimately took her life. At the same time as his mother’s life was ebbing away, Josh was pressing government authorities to take cybersecurity in connected devices more seriously. They refused to do so.
Tormented by both of these incidents, Josh realized the cavalry isn’t coming to save us. He had to do something. But what?
To enjoy privacy, you’ve got to be alive
The cavalry’s initial strategy was to go high and deep into governments to warn them that cyber-terrorism was a clear and present danger – in healthcare, automotive, agriculture, maritime and other spaces.
He told officials the issue was not one of privacy – like many people, Josh loves privacy, but he also wants to be alive to enjoy it. They didn’t listen, even when Josh told them that when ‘things’ are connected to the internet, people can die.
They said the public needed proof of harm before they could amass the political will to take action.
TriCk was killed by a drone strike
At the same time, a UK teenager was jailed for hacking the website of Tony Blair (former UK Prime Minister.) While in prison he was radicalized by militant group ISIS.
On his release he started the ISIS Cyber Caliphate, recruiting using his social media skills and showing his followers how easy hacking could be. Known online as TriCk, real name Junaid Hussain, he was eventually killed in a drone strike. But the Caliphate was now up and running, targeting connected devices within their campaigns of terror.
Are connected devices cyber-asbestos?
Josh likens connected devices to asbestos. When this natural mineral was first used in construction, it was lauded: what’s not to like about a material that is fire resistant, lightweight and cheap? But we later discovered that when it decays it causes cancer – an unintended consequence of what we believed to be progress.
Are we treading the same line with connected devices? Unchecked, will they become the next asbestos? I am The Cavalry has already shown how easy it is to hack an infusion pump remotely and deliver a 30-minute dose in just 30 seconds. If the white hat hacker demonstration team can do it, so can the black hats like TriCk.
Raising the alarm without being alarmist
Josh says that when we hear or read scary things about cybersecurity, it’s human nature to mentally switch off – our brains think it’s scaremongering.
But just because it’s scary, doesn’t mean it isn’t true.
The cavalry’s collective of over 1000 white hat hackers are engaged in the hard work now so when the scary times do come (which Josh firmly believes they will) we are “safer, sooner, together.”
In this episode of Defenders of Digital, Josh gives us the whole story on this life-saving volunteer group.