Connect with us

Opinion

Connected devices will remain vulnerable to hackers until the companies that make them are forced to provide minimum levels of security

Published

on

connected devices will remain vulnerable to hackers

Despite the fact that barely a week seems to pass these days without reports emerging of a newly-discovered Internet of Things (IoT)-related security vulnerability, governments and regulators across the globe have consistently failed to force companies that manufacture connected devices to make their products more resilient to cyber attacks. As a consequence, these firms are still able to bring products to market having paid scant regard as to how easily they might be hacked. And who can blame them?

If IoT device producers are not compelled by law to make sure their devices will not leave users vulnerable to being targeted by cyber criminals, it should come as no surprise when they fail to invest the significant amounts of money that would be required to make their products more secure. While this should seem quite obvious, lawmakers the world over have done little but dither when it comes to legislating over a threat that many analysts agree poses a significant danger to consumers. With some experts suggesting there could be as many as one trillion devices connected to the internet by 2025, the time has come to force connected device makers to get their house in order.

While some governments do pay lip service to the problem, few appear to have grasped the importance of moving quickly to ensure that the growing number of connected devices people are using are safe. In some cases, this is not just about protecting consumers’ personal information and their banking details. If hackers are able to gain access to connected cars or online medical devices, lives could be at risk. For their part, lawmakers in the US have this week been considering how to make the IoT more secure. Representatives from device makers told the Senate Commerce Committee Security Subcommittee that they should be permitted to continue with a system that allows them to work with the National Institute of Standards and Technology on voluntary baseline security standards rather than face government legalisation that would compel them to make their devices safer for users. But as Democrats sitting on the committee pointed out, it is clear to see that this approach is failing to produce results anything like quickly enough.

In the UK, the British government has announced plans that could force companies that make IoT devices to place labels on their products that would tell consumers how secure they are. British lawmakers have also said they will consult on forcing connected device manufacturers to build a minimum level of security into their products. Back in February, the European Telecommunications Standards Institute attempted to establish a security baseline for IoT consumer products, which it said would provide a basis for future connected device certification programmes. The organisation laid out 13 recommendations that it said would make such products safer, but owing to the fact that these are not legally enforceable, they amount to little more than a template for best practice.

It is now passed the point where it had to be asked how difficult this can be. Lawmakers have been aware of the growing threat that insecure connected devices pose for the best part of half a decade, but have proved themselves to be wholly unwilling or unable to force companies that manufacture these products to make security a priority. Meanwhile, hackers continue to have a field day exploiting the millions of poorly-secured IoT products that are flooding into consumers’ possession. Last month, online security firm Palo Alto Networks revealed that a recently-discovered variant of the Mirai malware was attacking a wider range of IoT devices, allowing hackers to create a botnet that could be used to launch distributed denial-of-service (DDoS) attacks. Elsewhere in April, Security researcher Paul Marrapese said that hundreds of thousands of IoT devices including baby monitors and smart doorbells have serious vulnerabilities that allow hackers to hijack them and spy on their owners. Marrapese claimed affected products were using peer-to-peer (P2P) features that allow users to connect to their devices the moment they come online.

In many cases, he myriad IoT vulnerabilities that are currently being discovered with such alarming regularity would not occur in the first place if device makers had been forced to ensure their products were robust enough to withstand the unwanted attention of hackers. Unfortunately, as things stand at present, none of this is likely to change for the better any time soon. Until governments across the world are bold enough to accept that allowing technology firms to self-regulate when it comes to security simply does not work, the willingness of these companies to cut corners where their customers’ online safety is concerned will continue to be all that cyber criminals need to successfully exploit the exponential growth of the IoT.

Continue Reading

Opinion

The GirlsDoPorn compensation award highlights a sickness at the heart of the adult film industry

Published

on

GirlsDoPorn compensation award

Last week, a court in the US state of San Diego awarded nearly $13 million to a group of 22 women who claimed they were tricked into performing in pornographic films after replying to online advertisements for modelling work. The owners of adult website GirlsDoPorn were ordered pay $12.8 million after a judge said they had used deception and false promises to entrap the women. At the end of a three-month civil trial, the judge ruled that James Pratt, Matthew Isaac Wolfe and porn actor Ruben Garcia had falsely told their victims that the adult films in which they appeared would not be posted online, and would only be used to create DVDs for overseas customers. Pratt, Wolfe and Garcia, the former of whom is currently on the run in his native New Zealand, all currently face criminal charges for their roles in the conspiracy.

The case appears to at least partially confirm what anti-porn activists have argued for decades; that the adult film industry is inextricably linked to human trafficking and the coercion of “performers” to participate in sex acts in front of the camera against their will or under false pretences. Campaigners such as these are often dismissed as being puritan fanatics with an irrational and illiberal dislike of the adult film industry, but a growing body of evidence suggests that many performers in pornographic movies may well have been exploited in one way or another. While most adult film consumers would never dream of viewing child sexual exploitation content, few porn enthusiasts likely trouble themselves with questions over whether or not the performers in the movies they watch may be victims of other forms of exploitation.

While rulings such as the one handed down in the GirlsDoPorn case are few and far between, the compensation awarded to the women involved demonstrates that the US legal system may be beginning to acknowledge the suffering of victims who are tricked into appearing in pornographic films. Although this might not be sex trafficking in the traditional sense of the term, the consequences for those involved was devastating. Some of the young women targeted by Pratt, Wolfe and Garcia described how they were ostracised from their families and ridiculed by their friends after footage of them preforming sex acts were uploaded to GirlsDoPorn and other adult websites. Some of the plaintiffs explained how they were left contemplating taking their own lives after they were recognised performing in adult videos online.

Although an egregious example of such behaviour, the modus operandi of the owners of GirlsDoPorn was by no means an aberration within the adult film industry. For many years now, young women have described replying to job adverts for modelling work only to find themselves being asked to perform sex acts in front of a camera. In such scenarios, victims are often pressured into doing so after they have been invited to attend a supposed photoshoot or audition, oftentimes being told that agreeing to do what is being asked of them will help them progress in their chosen career.

Many adult sites even have niche categories in which viewers can access videos that claim to depict young women being coerced into performing sex acts having turned up to an audition for modelling work, the implication being that such films have been posted online without the victim’s knowledge. While some of these videos will most likely have been contrived to appeal to viewers who want to see this type of thing, there can be little doubt that some genuinely feature vulnerable victims who have been duped into appearing on camera.

The GirlsDoPorn case is remarkable not only because it is so rare for the owners of adult websites in the US to face any form of legal action, but more importantly because the charges relate to practices that anecdotal evidence suggests are so widespread in the porn industry. Up until now, the received wisdom seemed to be that so long as adult film performers were above the age of consent and were not overtly being “forced” to perform sex acts on camera, the makers of such content could act with near impunity.

Whether or not Pratt, Wolfe and Garcia are found guilty of the criminal charges they face, which include sex trafficking by force, fraud and coercion, the compensation ruling handed down against them could bring about a significant sea change in the way the porn industry operates and is regulated. While it may well have been true that the plaintiffs in the case might not have been explicitly forced to carry out any sexual acts against their will, the compensation they were awarded is testament to the suffering they were put through as a result of what happened to them. On reflection, the only strange thing about this case is that it took so long for anybody to realise that treating victims in this way was so wrong.

Continue Reading

Opinion

Are classified sites such as Craigslist facilitating prostitution by allowing ‘sex-for-rent’ ads?

Published

on

are classified sites such as Craigslist facilitating prostitution

In many major UK cities, young people can find themselves paying more to rent a room than some families spend on their monthly mortgage repayments. Renters in London routinely find themselves having to shell out upwards of £600 ($802) a month for a single room, with many handing landlords much more than this if they live in a more expensive part of town. For those on the UK’s national minimum wage or students, let alone the unemployed or homeless, this can be prohibitively expensive. In the absence of wealthy parents who are willing to foot the bill for suitable accommodation, a high number of young people looking to live in big British cities often find themselves caught between a rock and a hard place, unable to afford the cost of living  in the location in which they would like to live.

Sadly, the unaffordability of this type of accommodation is being exploited by unscrupulous landlords who offer tenants free board in exchange for sex. Despite several exposés by UK media outlets highlighting the growing sex-for-rent trade, classified listings sites such as Craigslist remain full of entries in which dodgy landlords offer vulnerable young people the chance to live in a property for free in return for sex.

In a high number of cases, the landlords are middle-aged men who often signal a preference for young women in their online ads. What is perhaps most alarming is the fact that these ads continue to be placed even though experts have warned that the landlords who post them might be guilty of a number of criminal offences should they go through with accepting sex acts in exchange for the accommodation they provide.

Last year, a survey conducted by YouGov found 250,000 women in the UK had been offered free or discounted accommodation in exchange for sex. The phenomenon has become so widespread in recent years that the UK’s Crown Prosecution Service (CPS) has been forced to update its legal guidance on prostitution.

Notes published by the CPS in January on sex-for-rent arrangements state that anybody exchanging accommodation for sex could be committing the offence of causing prostitution for gain or inciting prostitution for gain. In spite of this, and a number of relatively high-profile investigations into several sex-for-rent cases across the UK, there appears to be no shortage of shady landlords in Britain who have few qualms about offering accommodation to vulnerable young people in exchange for sexual favours.

Last year, reporters from the BBC confronted a sex-for-rent landlord on camera after secretly filming him propositioning a potential tenant. Earlier this month, LBC conducted a similar investigation, challenging a sleazy landlord who suggested to a young female actress that she might like to enter into a “daddy/daughter type scenario” should she move into his property. When confronted, both men were understandably embarrassed, but proclaimed they were unaware they were doing anything wrong.

Back in 2016, homeless charity Shelter published some examples of the types of sex-for-rent ads that were being posted on Craigslist at the time. One read: “If any young female student is in need of free of charge accommodation & is prepared to act as a ‘resource’ in return, then please provide full personal details & a recent pic & reply from your own private e-mail address please. No pic, no reply (sic).”

Nearly four years on, little appears to have changed. Within seconds of logging on to the shared rooms section of the Craigslist website, we were able to identify numerous posts that appeared to allude to similar arrangements. One poster who described himself as a 25-year-old single “romantic man” was offering a “roomshare” in London for an “eastern European girl”. Elsewhere, accommodation was on offer in London for a female of any age who would be willing to pay her rent with “massages”. Another advertiser was offering a room for free to a “submissive female”.

While the CPS told LBC that UK law has been left untested on sex-for-rent because not one case has been presented by police for prosecution, it must surely be true that Craigslist and other classified listing sites that publish adverts offering accommodation in exchange for sexual favours would be facilitating any offence the poster went on to commit. In March of last year, Craigslist removed personal listings from its website after the US government introduced new legalisation making online publishers responsible for the promotion of prostitution and sex trafficking. If classified listing sites such as Craigslist want to avoid accusations of facilitating prostitution, they would do well to better vet the ads they allow on their accommodation share pages.

Continue Reading

Opinion

Video games and gaming platforms are facilitating serious and organised crime

Published

on

Back in the 80s and 90s, few could have imagined how the gaming industry would evolve. From what many observers assumed to be a causal pastime if not a fad, gaming has become the biggest form of entertainment on the planet, with some 2.5 billion people across the world expected to spend $152.1 billion on the activity this year, according to data from Newzoo. In cash terms, that would represent an increase of 9.6% compared to 2018. With the growth of mobile games and the rise of streaming services such as Google’s Stadia and Microsoft’s upcoming Project xCloud, it would take a brave investor to bet against the industry experiencing further expansion, particularly with the increasing global popularity of esports.

Such rapid growth and success seldom come without some degree of criticism. For the gaming industry, this has come in the shape of concern about the health issues associated with spending long periods of time in front of a screen. As well as worries over physical health, concern has also been raised about how gaming could impact people’s mental wellbeing, with the World Health Organisation recognising video game addiction as an official illness in May of this year. While many questions need to be answered about the potential health risks associated with gaming, be they physical or psychological, the potential for gaming platforms to be exploited by criminals is an issue that receives far less attention, despite the fact that anecdotal evidence suggests this is becoming more of a problem.

Last month, UK thinktank the Royal United Services Institute (RUSI) published a paper in which it explored how organised criminal gangs are using items purchased or acquired in popular gaming titles to launder their ill-gotten gains. Many games these days allow players to either purchase or accumulate virtual currency and other items that will either aid their progress or make their character more powerful. Some of these can be acquired through the purchase of loot boxes, which many game publishers use to monetise their free titles. Loot boxes have been criticised by some campaigners as a from of gambling, as players who buy them often do not know what they contain. Whether purchased or acquired, these items have value in the real world, and as such can be traded for either cash or cryptocurrency.

At the end of October, US video game developer Valve announced that it had been forced to update its popular Counter Strike: Global Offensive (CS:GO) title as criminals had been using it to launder dirty money. The company said it would now prevent players from trading items while in the game after noticing that “worldwide fraud networks [had] recently shifted to using CS:GO keys to liquidate their gains”.

Back in January, the Independent reported that organised criminals had been using Epic Games’ Fortnite to launder money through its in-game V-bucks currency. Working with cyber security firm Sixgill, the Independent discovered that criminals were buying up V-bucks in bulk before selling them on in large quantities on the dark web, and in smaller number on social media platforms such as Twitter and Instagram.

The popularity of Fortnite has also been exploited by cyber criminals, who have in the past sought to take advantage of players’ keenness to acquire free V-bucks. In June of last year, the UK’s Action Fraud agency warned that cyber scammers were fleecing Fortnite players of cash by tricking them into handing over their Fortnite account details. The hackers placed adverts on social media offering free V-bucks. After clicking through from these, victims were asked to hand over their account details, which the hackers used to log in to their accounts and steal money. Cyber criminals would also offer V-bucks in exchange for victims’ phone numbers, which they would then use to call premium rate lines from which they would profit.

Away from these types of scams and the growing problem of match fixing in esports, perhaps the most worrying ways in which games and gaming platforms are being exploited by criminals relate to grooming. The fact that gamers often communicate with one another anonymously online, and that so many gamers are relatively young, makes games and gaming platforms attractive hunting grounds for sexual predators.

In July of this year, British child protection charity the NSPCC revealed that young people on Amazon’s game-streaming video platform Twitch were among the most likely social media users to report experiencing grooming activity online. Earlier this year, a 41-year-old man was arrested in Florida on suspicion of using Fortnite to initiate sexual activity with children. Anthony Gene Thomas and an accomplice were alleged to have used Fortnite’s voice chat feature to meet minors.

As gaming continues to grow, it is not only likely that these problems will persist, but that criminals will find new ways to exploit the ecosystem of an industry that now dwarfs film, television and music. But just as there is little incentive for games developers to take any real action on gaming addiction, addressing money laundering, fraud and grooming across their products is a low priority.

In much the same way that internet and social media firms have been slow to act on crime facilitated by their platforms, games developers will likely do little to address these issues unless forced to do so through political pressure or legislation. As it makes little difference to their profits if these activities take place across their products or not, investing money in addressing them is probably the last thing on games developers’ minds.

 

Continue Reading

Newsletter

Sign up for our mailing list to receive updates and information on events

Social Widget

Latest articles

Press review

Follow us on Twitter

Trending

Shares