The one with Security-of-things article
22 Jan 2016
Reading time ~4 minutesPosts page
Thirty years back, if you were told that someone could use your watch to hack into your email account, you would probably laugh at him and tell him to stop watching james bond movies. But if today you were told that someone can use your refrigerator to steal data from your computer, you would probably unplug it and eat melted ice-cream for days. Welcome to the world of internet of things, where every piece of digital equipment is connected, to give the best user experience and ease of use. From toothbrush to a family sedan, from table lamp to furniture everything is connected to internet. Internet of things has the power to revolutionize the way we live our life, and it already has, we no longer care for the lights to be turned off, they turn off themselves. But, it seems Spiderman’s Uncle Ben was right “with great powers comes greater responsibility”, because IOT is becoming a new attractive target for the criminals.
Since the inception of computer systems, there were always issues regarding security.How to protect the system form unauthoriused use and access , how to protect data, were some questions that haunted developers and engineers. It’s a continuous process, because every hour people come up with new ways to crack into the systems. And now with the emerging trend of internet of things, the “hackers” have definitely found themselves in the center of huge vulnerable market, that can be brought down to knees. In late 70’s a group of people called “phone phreaks” found out a way to make free phone calls with telephones. Imagine in today’s world if someone is able to access even your email account, he can block your mobile device, find out your location, erase your data, etc. , all that sitting in one place.
Very recently “the Jeep cherokee hack” an account describing how 2 security researchers were actually able to wirelessly hack into a jeep, published on Wired. These researchers were not able to control the car’s entertainment system, but were successful in killing the accelerator pedal. This is one of the most dramatic demonstrations of how security issues needs to be given proper attention with the growth of internet of things. With everything connected to the internet, it has increased the vulnerability of the system, giving more attack vectors and possibilities.
Designers and companies building products around internet of things should keep in mind while building large complex connected system:
The craze of connecting everything, has outpaced the security factor In a race to connect more and more devices to internet more vendors haven’t given much thoughts to making their devices secure. For this the designer should have complete information and tools to not only make the device user-friendly but also make sure that device doesn’t have any back doors.
More number of devices means more vulnerability. IOT devices are always connected and always on. If a vulnerable point in a device is found out, it’s easy to take down a whole system, as the whole system depends on these small connected device nodes. The thing about IOT devices is that, these are not our daily use computer system’s, where might be able to push a restart button to get things straight. IOT devices can sometimes be sitting some place even inaccessible to users, collecting data or performing a crucial task. In case of a security breach, the devices can be misused for malicious purpose.
Call for Security of things. With the rise of the IOT devices, SOT or security of things should also be taken into aspect. We surely don’t want to live in a world where millions of devices can be used to track ourself. Another article published accounted how baby surveillance cameras were used to track live feeds, giving unauthorised access to other users and changing camera setting.
An multilayered approach for designing IOT devices should be taken in considerations where in system can be tested and vulnerabilities can be found right from design boards to manufacturing of them. It’s not only that devices have security holes, but the communication protocols also are vulnerable points.
Though companies and government agencies previously ignored the issues have now become concerned about the security of things. after “The jeep cherokee hack ” over 1.4 millions cars and trucks in US were recalled for software patch updates. It is surely evident that Internet of things is the new generation of computational power that will become an important part of the world soon. Soon enough we all will be surrounded by devices that would not only help us but also make our lives comfortable, before which many other factors have to be addressed , security being one of them. As of now it’s not sure if we would be able to harness this newly technology that would change the way we live or will we end up building something that would later be threat for our own existence?