Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

What you need for IoT security

Manoj Kumar Rai, Head of M2M Solutions, South Asia & Japan, Gemalto | June 9, 2016
While it holds a huge potential to deliver better quality of life and business results, security professionals will have to take a closer look at IoT security to counter the risks of cyber-attacks and frauds.

Take the German automaker Volkswagen's emission scandal for instance. Late last year, it admitted that 11 million of its vehicles were fitted with a software that was used to cheat on emission tests in the US. Though not exactly an IoT issue, it exposes the vulnerability that smart physical objects can be embedded with fraudulent software to cheat consumers and authorities, and cause personal or other damages. Volkswagen announced that they will provide a software fix for the affected cars, but that these cars will have to be returned to the dealers for the software update, resulting in significant cost to the company. Now, imagine if the company could fix the problem with a secure architecture Over the Air (OTA) update. These cars could have been mass upgraded with the correct software in a fraction of time and cost, securely and remotely, from any authorized Volkswagen dealer.

We heard many other such cases of falsification across the manufacturing industry in the recent past, the JR Hokkaido Railway Co maintenance sections falsified data of railway gauges prior to special safety inspections; and Asahi Kasei, one of the largest construction companies, admitted that they performed substandard work and falsified data on apartment towers built in Yokohama, leading the building to tilt. As the IoT moves from centralized structure to a complex network of decentralized devices, a greater volume of sensitive data will be exchanged, raising the risks of identity thefts, data falsification, and device manipulation.

2)    IoT Security; A recent study by Pricewaterhouse Coopers concludes that about 70% of connected IoT devices lack fundamental security safeguards. In a bid to provide increased connectivity and mobility, more and more manufacturers are rushing to make their devices easy to connect, often ignoring the security vulnerabilities that arise from being connected to a complex and dynamic distributed system.

Recent incident of hackers being able to seize control of a jeep remotely via its internet-connected entertainment system was one of the most attention-grabbing demonstrations of the cyber security challenges with IoT. Hackers were able to take over brakes, transmission and other critical driving functions using just a laptop, exposing serious problems that can put our lives in danger.

It's no longer only PCs and mobile devices that can be used to launch an attack. Researchers have uncovered serious flaws in smart fridge and popular routers which can be exploited to run man-in-the-middle attacks. A home router is a hub for all connected personal devices that are no longer working in silo, but rather as a part of larger ecosystem of many other connected systems. Once hacked, intruders or cyber criminals can exploit virtually every function connected to the wi-fi network.                                                                                  

 

Previous Page  1  2  3  4  Next Page 

Sign up for Computerworld eNewsletters.