Advance

She reaches out to the commercial clouds. 

“Amazon, find me a list of standby, already trained neural networks being offered for lease. Filter for analytic analysis of cyber incursions.”  She picks a neural net and spins it up on her S2 account.  Then she starts playback on the evening’s alerts and routing all remaining the event flow from her gateways to the net.

Rachael’s device clouds were designed to be semi-autonomous.  Each swarm enacted policy as delivered by the edge gateways.  These filtered upstream data, did pre-processing and aggregation of data, and generated alerts and alarms for her management system.  They also took downstream rules and parameters from the corporate decision analysis engine running her collective rule base.  This gave Rachael overall control of the devices and their actions while not having her systems bogged down by the millions of individual control and data streams that leafed from the trunk network. 

Missing data analysis points a finger toward the root cause. Deep diving the ‘trail of blood’ – the alarms from the early traces of the device falloff showed the real thrust of this cyberattack was stealing border control agents and rewriting the delivery address in the devices for the data sent out from her device cloud.  It was clever. Her adversary cracked an edge controller and took over its device's data streams.  ‘How? And what could she do?’ Rachael thinks as she contemplatively taps the Amazon S2 console.

“Amazon agent, give me the current device count on each gateway, starting with those showing steepest decline over the last hour.” ‘Maybe if I could determine where the initial incursion started, I could pin point the weakness,’ she thinks to herself.

Rachael used device development platforms from several different vendors within her network.  If today had any good news, it was just one device cloud was affected. The Siemens’ device platform must have a newly-discovered zero day flaw. Event stream processing made for very rapid identification and classification of incoming events.  It had given her an advantage in winning the water shed maintenance contract, but it must have provided an opening. The Mera platform systems were holding.  She published her finding to Siemens corporate counter-cyber team. Then she activates the counter-cyber routines of her corporate Manager of Managers and directs it to recapturing her gateways. This only succeeds in slowing, not stopping the device count decline.  Seventy percent of her network was still completely inaccessible.

A quick check of the after-hours trading market shows nothing yet reflected on the company valuation - but that could change when the main markets opened in an hour. Similar to the early Internet 2.0 days, when company valuation was dependent on ‘number of eyeballs reached’, today’s market valuation was based on how many devices a company maintained.  Fewer devices and her stock would plummet. ‘If there is one thing going her way, it is that this attack started in the wee morning hours, hoping to catch her unaware.’  Now she had to respond before markets opened and her working credit was trashed. 'A fine way to start the New Year.'

‘Provided Jonathon kept this attack to the markets.’  This was Rachael’s company contract for managing the water control grid.  Besides the rainfall sensor data and flow sensors, its control agents maintained autonomic feedback to the flow control systems for the collected runoff and the NE reservoir outflows. Clearly, Jonathon was not sabotaging the water distribution network, perhaps in order to keep on good terms with the Water Authority. He must want to take over the maintenance and data analytics analysis contract.  She could not just fight a defensive battle. But she could also not back him into a corner too soon, at least while he controlled the border agents. She had to direct Jonathon’s attention so he would not kill her device network, affecting millions of people while bleeding out her company with liability Denial of Service suites.  This called for some significant gambles; time to raid the contingency reserves.

Appel Balestra

The market opens with a steep decline in her stock price. Clearly Jonathon or her client had leaked news of trouble in the data feeds from her IoT net. Auto trader programs triggered massive sells based on estimating near-real-time valuation of her company. She could not yet tell if her corporate office systems also were compromised, so her standard accounts were off limits. But there was no activity showing on her Apple iTrader retirement account.

Rachael engages a fresh external personal agent. 

“Siri, Short International Widget stock: 100,000 shares.”  As the morning ticks on, Siri responds every few minutes.

“Selling International Widget, 40,000 shares at $7.53…  Price falling… 20,000 shares at $7.30…  30,000 shares at $6.32.” While that might bankrupt her come ‘calls due’, on paper she had just cost Jonathon nearly $2 million.

“Siri, initiate an officially registered buyback tender on North East Control Analytics.  Use the Cayman fund.  Release a Tweet with the buyback tender notification.”  That should put some confidence back into her corporate market or at least some hesitancy in the selling. Let the market insiders know she was still swinging with confidence. But if the gamble failed, her reserves were gone.