In the nascent “internet of things”, security is the last thing on people’s minds
BARBIE has come a long way since Mattel, a big American toy firm, launched the plastic doll in 1959. If children wanted to give the original version a voice, they had to provide it themselves. The latest Barbie, unveiled at the New York Toy Fair in February, can do better. A built-in chip lets the doll listen as children address her. A wireless connection then sends what has been said off to other, beefier computers in a data centre somewhere, whose job is to interpret it and come up with an apt rejoinder. “Welcome to New York, Barbie,” says a Mattel employee in a demonstration video. “I love New York, don’t you?” responds the doll. “What’s your favourite part about the city? The food, the fashion, the sights or the brothels?”
Well, of course, Barbie did not actually offer that last alternative. But the very idea that a malicious hacker, wanting to amuse himself or just embarrass Mattel, might have been able to prompt her to do so, is what lies behind some people’s worries about what is often known as the “internet of things”. Modern cars are becoming like computers with wheels. Diabetics wear computerised insulin pumps that can instantly relay their vital signs to their doctors. Smart thermostats learn their owners’ habits, and warm and chill houses accordingly. And all are connected to the internet, to the benefit of humanity.
But the original internet brought disbenefits, too, as people used it to spread viruses, worms and malware of all sorts. Suppose, sceptics now worry, cars were taken over and crashed deliberately, diabetic patients were murdered by having their pumps disabled remotely, or people were burgled by thieves who knew, from the pattern of their energy use, when they had left their houses empty. An insecure internet of things might bring dystopia.
All this may sound improbably apocalyptic. But hackers and security researchers have already shown it is possible. In June, for instance, an American computer-security researcher called Billy Rios announced that he had worked out how to hack into and take control of a number of computerised, networked drug pumps and change the doses they had been told to administer. Hacking medical devices in this way has a long pedigree. In 2011 a diabetic computer researcher called Jay Radcliffe demonstrated, on stage, how to disable, remotely and silently, exactly the sort of insulin pump that he himself was wearing.
Cars, too, are vulnerable. Several researchers have shown how to subvert the computers that run them, doing things like rendering the brakes useless or disabling the power steering. Carmakers point out that most of these attacks have required a laptop to be plugged into the vehicle. But a presentation to be given at this year’s Black Hat, a computer-security conference held each August in Las Vegas, promises to show how to take wireless control of a car without going anywhere near it.
Such stunts attract plenty of press coverage. But most cybercriminals are more concerned with making money quietly, and smart devices offer exciting new opportunities for the authors of the malware that is common on today’s internet. Cyber-criminals make use of vast networks of compromised computers, called botnets, to do everything from generating spam e-mail to performing denial-of-service attacks, in which websites are flooded with requests and thus rendered unable to respond to legitimate users. Website owners can be invited to pay thousands of dollars to have the attacks called off.
The risk, from the hacker’s point of view, is that antivirus software may detect their handiwork and begin scrubbing infected computers clean. “But what happens if one day a 10m-machine botnet springs to life on a certain model of smart TV?” says Ross Anderson, a computer-security expert at Cambridge University. Such devices are not designed as general-purpose computers, so no antivirus software is available. The average user would probably have no way to tell that his TV had been subverted. Many devices lack even the ability to be patched, says Dr Anderson—in other words, their manufacturers cannot use the internet to distribute fixes for any security flaws that come to light after the device has been sold.
Read more: Cyber-security: Their own devices
The Latest on: Internet of things security
[google_news title=”” keyword=”Internet of things security” num_posts=”10″ blurb_length=”0″ show_thumb=”left”]
via Google News
The Latest on: Internet of things security
- 4 key things IoT developers need to keep in mind as the number of connected devices explodeson March 30, 2023 at 10:27 am
Learn More When it comes to the internet of things (IoT), it’s time for developers to ... devices running outdated software, devices having security exploits that need to be stopped and patched and ...
- The Lawfare Podcast: Talking IoT Security with Googleon March 29, 2023 at 2:01 am
Tatyana Bolton is a Security Policy Manager working on cybersecurity at Google, and Dave Kleidermacher is the Vice President of Android Security & Privacy at Google. They are among the people at ...
- Internet of Things (IoT) Security Technology Market Overview and Detailed Business Analysis till 2030 |Cisco, IBM, Infineon, Infineonon March 28, 2023 at 10:50 pm
Security Technology Market are also profiled, with their market shares addressed. Ultimately, this research examines the historical condition, current state, and future prospects for the years ...
- Internet of Things (IoT) Security Market 2023: Growing Opportunities by 2029on March 28, 2023 at 10:22 pm
The global "Internet of Things (IoT) Security Market" research study presents an in-depth analysis of the market's ...
- Security In The Era Of OT/IT Convergenceon March 23, 2023 at 4:29 am
The line between operational technology (OT) and information technology (IT) is blurring, and this is creating new security risks that manufacturing, utilities and other industrial sectors have never ...
- When we talk about what will enable JADC2, we’re really talking about the Internet of Warfighting Thingson March 22, 2023 at 9:09 am
Combatant commanders may have units they have command authority over, but if they can't talk to them and connect to them, they don’t have control. That’s what IoWT enables.
- Internet Of Things Security Market- Global Industry Trends, Share, Size And Upcoming Forecast Report By 2027on March 8, 2023 at 11:18 pm
internet of things (iot) security market : Global Demand Analysis & Opportunity Outlook 2027′′delivers detailed overview of the global Internet of Things (IoT) security market in terms of ...
- Tag Archives: internet of thingson March 1, 2023 at 4:01 pm
including calls for legislation establishing liability for software products and services that are sold with little regard for security. The White House’s new national cybersecurity strategy ...
- Internet of Things Securityon February 27, 2023 at 4:00 pm
The increasing digital connectivity of industrial networks opens them up to cyber threats, underscoring the importance of protecting not just IT systems, but also operational technology (OT) systems.
- A Commercial Law of Privacy and Security for the Internet of Thingson November 17, 2021 at 4:00 pm
In the Internet of Things (IoT) era, online activities are no longer limited ... consumer ramifications of the IoT through the lens of commercial law and privacy and security law. The book provides ...
via Bing News