IoT

Is IoT really the new Wild West?

4th November 2016
Enaie Azambuja
0

This weekend has seen many new headlines in the mainstream press regarding the recent botnet attack creating more fear and lack of consumer trust in IoT devices, headlines such as: “Do you want your shower to help Russian hackers?“ “IoT-enabled botnet launches record 1.5Tbps DDoS attack!” Just why are IoT devices so vulnerable and who is going to help fix the issues or is IoT really the new wild west.

Hijacking Internet Connected Devices

The botnet attack occurred as hackers were able to hijack a vast number of internet connected devices (such as IoT wifi routers / home cameras) which they then used to throw vast amounts of junk traffic at DNS services operated by US company Dyn. With the DNS service being down, hundreds of very popular websites were inaccessible including: Netflix, Twitter, GitHub, AirBnB etc.

Why were IoT devices used in such an attack?

The reason is simple, most of the devices have very limited security measures which meant the hackers could easily place their malware on to the devices. In a recent survey by HP it found that over 70% of the IoT devices and sensors examined were susceptible to one or more of the vulnerabilities in the OWASP Internet of Things Top 10.

Over the last few years there has been many examples of security flaws in IoT devices such as the very public example of Osram Lightify smart bulbs that security experts found could enable hackers to breach home Wi-Fi networks.

Nine flaws in the Home and Pro versions of Osram Lightify could let attackers gain access to home Wi-Fi network and activate the lights. Connected devices create an increased level of intrusion in our lives, generating new types and unprecedented quantities of data, raising further the importance of quality and security in such products.

Who is at Fault for IoT Security Vulnerabilities?

Consumer trust in IoT is already low but who is going to start to address the issues. Is it the responsibility of the consumer who owns the device to ensure it has the latest security patches? Is it the networks that allow the attacks to occur and could block the traffic? Is it the manufacturers who produce the products, should they be made to maintain updates for a period?

The problem with IoT is that consumers won’t fix it as they demand cheap products and manufactures are meeting this request with creating simple products, sometimes on a shoe-string.

The only real answer has to be increased regulation but there is a current myriad of competing standards all fighting for top spot. Whilst the industry waits for the governments and IoT consortiums to start the regulation process it has to be up to the IoT providers to ensure the quality and security of their products.

The Solution

They must ensure that products pass through a vigorous QA process and be verified against the latest security standards. There must also be consideration for ongoing maintenance of the products ensuring they are regularly updated depending on their criticality. Unless these issues are addressed the only winners in the IoT wild west will be the hackers.

The T&VS IoT lab and certification process helps companies to ensure their products conform to the latest industry standards and QA and security testing best practices.

Product Spotlight

Upcoming Events

View all events
Newsletter
Latest global electronics news
© Copyright 2024 Electronic Specifier