March Round Up of News that Proves Trust Is The Point
The issues with IoT security are so widespread that most articles that focus on how the Internet of Things will change our lives also give attention to the potential security and privacy risks.
As attention mounts, experts and consumers alike are demanding better security. Here's a round-up of some of the articles that caught our attention this month:
It's bad enough when a webcam is hacked — imagine the ramifications of having a pacemaker compromised. As it turns out, many pacemakers have connectivity capabilities. Most patients don't know the device that's keeping them alive can connect to the Internet.
While the article points out that there are no known cases of hack on pacemakers, researchers have shown that it can be done. However, the article does go on to say “research firm Forrester has predicted that 2016 will be the year we see ransomware for a medical device or wearable.”
The need for software updates, including patches to fix security, is nothing new. Our computers, our smartphones and other devices regularly receive updates to keep them running. This article explores the issue with IoT devices and their limitations to be fixed when a breach is discovered. The fact that devices do not have adequate security today points to what is destined to be an ongoing problem of playing catch up for years to come.
The issue of not having a mechanism to send out software patches is highlighted with the recent revelation of a vulnerability with the Qualcomm system on chip devices. The vulnerability leaves thousands of devices — from Barbie dolls to fridges and heating systems open to attack. When a system is available for delivering an update, it's questionable whether most consumers would understand the urgency of actually doing the update.
While much of the focus has been on the potential for hacking, there are stories where hacks do take place outside of the realm of researchers. PCWorld reported that earlier this month “thousands of connected printers, largely at U.S. colleges and universities, began printing out racist, anti-Semitic, and anti-immigrant messages. In all cases, the printers had port 9100 exposed and turned up in searches using Masscan, a mass IP port scanner. All it took was five lines of code to take them over.”
Solutions are Needed Now
The number of Internet of Things devices is expected grow exponentially in the coming years. Some devices will undoubtedly fail while others are bound to become wildly popular with consumers. Now is the time to build the security and infrastructure that will protect the security and privacy of users, instead of hoping for a fix when something goes wrong.