Solve cybercrime by permanently linking physical space and cyberspace

Virtually every cyber threat is enabled by the failure of most online identity verification systems to reliably connect a person’s physical identity with his or her cyber identity. Solving this problem will dramatically improve global cyber security.


Another day, another hack. Check Point Software Technologies recently announced the emergence of Android smartphone malware called Gooligan that so far has affected over 1 million devices. According to Check Point, Gooligan compromises Google account tokens and transfers them to a remote server, where thieves can use them to access any Google service by posing as the owner of the affected device.

The hack works even if the device owner has two-factor authentication turned on. This is possible because Google attempts to make users’ lives easier by tokenizing a first login, whether by password or by multi-factor authentication.
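As an added illustration (not code from this article, Check Point or Google), the sketch below shows why a token minted after a two-factor login is accepted on its own, next to a check that also demands a fresh proof from a key enrolled on the device. The token format, function names and device-key scheme are assumptions made for this example.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)  # server's token-signing key
TTL = 3600                            # assumed token lifetime in seconds
DEVICE_KEYS = {}                      # device_id -> key enrolled at login (assumed scheme)


def mac(key: bytes, msg: str) -> str:
    return hmac.new(key, msg.encode(), hashlib.sha256).hexdigest()


def login(user, password_ok, second_factor_ok, device_id, device_key, now):
    """The full login runs once; afterwards only the token is presented."""
    if not (password_ok and second_factor_ok):
        raise PermissionError("login failed")
    DEVICE_KEYS[device_id] = device_key
    payload = f"{user}|{device_id}|{int(now) + TTL}"
    return f"{payload}|{mac(SERVER_KEY, payload)}"


def parse(token, now):
    """Return (user, device_id) for a correctly signed, unexpired token."""
    parts = token.split("|")
    if len(parts) != 4:
        return None
    user, device_id, expiry, sig = parts
    expected = mac(SERVER_KEY, f"{user}|{device_id}|{expiry}")
    if not hmac.compare_digest(sig.encode(), expected.encode()):
        return None
    if int(expiry) < now:  # safe: expiry is covered by the verified signature
        return None
    return user, device_id


def accept_bearer(token, now):
    """Possession of the token is the only check, so a copy works anywhere."""
    parsed = parse(token, now)
    return parsed[0] if parsed else None


def accept_bound(token, nonce, proof, now):
    """Also require a fresh proof made with the key held on the enrolled device."""
    parsed = parse(token, now)
    if parsed is None:
        return None
    key = DEVICE_KEYS.get(parsed[1])
    if key is None or not hmac.compare_digest(proof.encode(), mac(key, nonce).encode()):
        return None
    return parsed[0]
```

The bound check only helps if the device key stays in storage that a copied token does not carry with it, which is an assumption of this sketch.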

Gooligan is yet another example of how weaknesses in identity verification processes help facilitate cyber-crime, espionage, and terrorism. In this case, the true identity and integrity of a third-party Android app publisher is not verified by the app store visited by Android users. At first glance, this may seem like an intractable problem. It isn’t if one considers that governments require identity verification for a broad array of real-world activities. A person cannot board an airplane without reliable identification or drive a car without a driver’s license. In today’s world, a convicted murderer can upload a malware-laden app. Yes, I am suggesting that app publishers be verified in the real world before being allowed to upload to an app store.

From more than 12 years of intensive study of the issue, I have concluded that the absence of reliable, hack-resistant identity verification is the root cause of nearly all cyber-attacks and data breaches. This includes failure to identify (human or machine) senders of conventional email, a very serious problem leading to malware infection.

The best way to frame the problem is to imagine two spaces. The first is physical space, where human beings reside, server hardware sits in racks in data centers, and smartphones sit in users’ pockets. The second is cyberspace, which is completely nonphysical and exists as electrons flowing through wires or photons flowing through fiber and the space between Earth and satellites.

Spies, criminals, and terrorist nation-states can use the anonymity of today’s cyberspace to deliver malware because there is no permanent link between human beings in physical space and the identities used to cross the boundary between physical space and cyberspace.

The idealized view of cyberspace assumes that cyber-citizens can enjoy anonymity and that bad actors can simultaneously be held at bay. This is an unrealistic utopian idea that is disproven every day with each new attack and breach. Sept. 11th, 2001 demonstrated the use of airplanes as devastating weapons and no one expects that governments will ever allow passengers to board an airplane without physical-space identity proof. Cyberspace has proven just as dangerous albeit without as many deaths – yet – or dramatic visuals – yet.

So what kind of identity proof should we employ when crossing the physical/cyberspace boundary?

The only possible answer is biometrics. Only a biological measurement – fingerprint, finger vein pattern, iris pattern, or some other attribute uniquely associated with a human in physical space – can reliably link a physical-space identity to his or her cyberspace identity.

Some biometric measures are better than others. Fingerprints, iris patterns, voice or facial recognition all have the disadvantage of being relatively easy to obtain from latent sources (fingerprints left on a wine glass, for example) or from photographs or surreptitiously obtained voice recordings.

One of the more interesting methods is gait analysis using the sensors built into most smartphones. A phone’s accelerometer and gyroscope sensors record a person’s physical movements, which are unique to each individual. This kind of biometric measure is extremely difficult to hijack since an exploit would require, at a minimum, some kind of video recording of the target user’s unique walk, arm movements, and certain static physical attributes. This method has the additional advantage of providing ‘zero factor’ user authentication. A person would not have to scan anything or take a photograph. The authentication is always ‘on’.

Since so many cyber threats are, at their root, effective because of the broken link between physical space and cyberspace, adoption of some form of biometric credential is the only way to comprehensively stop cyber threats.

In part 2, Enemy at the Gates will address the problems with biometrics as an identification method – most notably storage of biometric reference information in centralized databases – and suggest possible solutions.

Copyright © 2016 IDG Communications, Inc.
