Connecting the Unconnected. Securing the Internet of Things (IoT)
Thanks to some of the ideas and research from a presentation by Filip Chytry, a Developer & Hacker from Avast.
"By the end of the decade, everyone on Earth will be connected," says Google chairman, Eric Schmidt.
We’re connected by our Things
What are those things? Those which you already know are laptops, mobile phones, tablets, cameras, televisions, and even the new-generation watches or cars. Those you might know but don’t often see (unless you are an IT geek) are servers, routers, gadgets, and sensors.
The Internet of Things (IoT) has unleashed new trends, and things are now labelled “Smart X.” Replace X with Home, City, Life, Toys, Things, or anything you can think of, and you have an indication of the frontier of Smart Everything. When things are connected and communicate with one another, knowing everything about you, with little intervention, they are “smart”. Your home is smart because your house alarms, sensors, and lights can exchange information, making well-informed, logical decisions about your habits, and then adjusting automatically to suit those variations.
Extend this functionality to your car, and you'll have a smart car; to a public space, and you'll have a smart city.
But wait, there’s more! We can now connect the unconnected. Modern technology will permit cows to be connected. Vital Herd, a Texas-based startup makes it happen via an “electronic pill”. This device sits in the cow’s stomach and transmits their vital signs to farmers who can head off costly livestock illnesses or death. Incredible!
The Barbie doll that your children are playing with can now be connected to communicate with your children. The doll’s internet connection can provide conversational feedback quickly enough to emulate a real chat.
There’s always a Catch
For every new kind of technology, there is bound to be a new kind of problem. Along with the arrival of desktops, laptops, and the World Wide Web (www), we now encounter cybercrime and cybersecurity happening outside in the real world. In the last few years with the advent of mobile technology, both enterprises and consumers were required to deal with a new issue: mobile security. With cloud computing, we then had to deal with cloud security. Now, of course, as we enter the age of IoT, we have to manage IoT security.
Everything that can be connected to the Internet is vulnerable to hacking attempts. Poorly designed or implemented systems can expose serious vulnerabilities that attackers can exploit, according to Symantec. Security is no longer a serious challenge to hackers and poses serious concerns for global corporations and SMEs.
“Even dairy farmers want to safeguard information about the health of their herds,” says Brian Walsh, Vital Herd’s CEO.
Security is a big issue because the data is valuable, including both enterprise and personal data. This information is used for direct marketing, social statistics, and much more. Once stolen, it can be leveraged for blackmailing a company to restore it, or it can simply be utilized to make purchases with someone else’s money for goods that can then be sold. There is a black market, operated by the Russian underground, providing hacking-as-a-service (HaaS); it provides tools, services, and resources for unscrupulous thieves to perform the hacking. And if data alone doesn't catch your attention, or raise enough concern, maybe the threat of death might be sufficient. Security experts now worry that the Internet of Things will be used to kill someone.
Murder by the Internet
Let’s consider just a few of the frightening possibilities:
- A fleet of remote control quad-copters or drones equipped with explosives and controlled by terrorists.
- Someone hacks into a connected insulin pump or a coronary pacemaker and changes the settings in a lethal way.
- A hacker who accesses a building's furnace and thermostat controls and runs the furnace full bore until a fire is started.
We are no longer dealing with young amateurs who do it for the sake of simply testing or perhaps demonstrating their technical skills. It is not a case of skilled hackers that want to raise awareness, prove a point, or simply amuse themselves. We're now dealing with nations, states, and state-sponsored groups.
It is definitely not some ephemeral, ghostly, pseudo-threat devised by security agencies to get more funding. Just browse the news in recent weeks and you will see how terrorists have resorted to truly despicable means to inflict physical harm. It means nothing for them to cause incredible damage using technology to advance a political or religious doctrine at the expense of innocent lives.
The duality of good and evil has always existed, from the simple fairy tales to canonical religious literature. There is no good without evil. The tremendous benefit of the Internet Of Things is real. And our lives will almost certainly become better because of it. But the key point to understand here is that Technology itself is neither good nor evil. Remember: Alfred Nobel (of the Nobel Prize), invented dynamite to save the lives of miners that were using very dangerous Nitroglycerine. He didn’t conceive of the destructive uses it would be put to in wartime. The invention itself wasn’t good or evil. It was only the purposes that humans used it for that had a morality attached.
We should connect the Internet of Things, but we should not do it blithely and merely hope for the best. We know there are evil people in the world that will attempt to pervert anything, whether it is good or bad. Let’s make sure we build-in the security the first time, and not wait for something to go wrong before we take steps to protect people. It is our obligation as responsible human beings to design well, look out for each other, and keep the evil at bay.
Data encryption tool for GDPRMore information
You Might Be Interested in Reading These Articles
4 Common Mobile Point of Sale (POS) Security Issues Affecting Retailers That POS Providers Need to Act On
As mobile point-of-sale applications and systems are picking up speed at retailers around the world replacing traditional one, they become appealing targets for cybercriminals allured by the amount of consumer data entered in POS systems whether through unauthorized access, mobile malware or hacking the backend.
Published on January 03, 2017
MazelTov and the Russian Underground Have It Going for Your Android Devices. But Not for Good Reasons
The Internet has been a good place for individuals and businesses. However, it's fast-becoming a leading medium for criminals in this cyber war against people like you and I. One example is the Russian underground that sell anything to do with cyber crime. On their websites, you can find any type of Trojans, exploits, rootkits and fake documents.
Published on May 19, 2015
Is There A Network Protocol for Your Mobile Apps That Offers A Higher Security Level While Consuming Less Bandwidth Than HTTPS? Yes, There Is
For mobile apps or websites that don’t have logins, forms or features to extract data, you don’t need secure access. For banking websites, mobile apps and mobile banking services, without a doubt, secure communication is a must. But nothing is ever black and white.
Published on September 13, 2016