Security Issues in the Advancing IoT

747 Views

From the moment Kevin Ashton coined Internet of Things term, and started talking about advanced connectivity and machine to machine communication, peoples’ reactions went from idealized picture of smart cities to apocalyptic scenes from Terminator 2: Judgment Day movie. Truth is that people still don’t realize the real dangers that are lurking behind Internet of Things concept. In this article we will discuss Internet of Things’ security and potential issues that might come up, when this concept becomes fully operational in real life.

Advancing IoT

Awakening Jeep and Tesla hacks

It was a lovely sunny day in St. Louis. Andy Greenberg drove his Jeep Cherokee on the freeway, when SUV’s computer went mad. First it messed in-seat climate control system and made Andy chill, then it changed music from easy hip hop beats to maximum-volume Skee-lo and in the end the engine completely stop running, and the pictures of Charlie Miller and Chris Valaseck showed up on computer’s display.

After this stunt, Miller and Valaseck immediately received competitive job offers from Tesla. But even their advanced hacking and internet security skills weren’t able to protect Tesla’s Model S from Kevin Mahhafey’s and Marc Rodgers’ hack, which used insecure four years old Apple WebKit to shut down electric roadster’s engine.  These two car hacks made some of the worst IoT enthusiasts’ dreams come true. They showed that in Internet of Things environment skillful hackers can access various devices and make them run in irregular way. This means that hacker can for example connect to company’s printers, start them all at once and make them print ‘War and Peace’ novels, therefore destroying company’s printing budget. One way out of this issue is to refill your HP toner and forget it ever happened. But traffic, medical equipment and military installations hacks can be 1,000 times more hazardous and even the slightest possibility of hacking some of these gadgets sounds terrifying.

Some of the most common IoT security issues

Internet of Things undoubtedly increases attack surface. Experts are still trying to find effective and scalable solutions that will help them to make IoT more secure, but these are some of the burning issues they are still facing today:

  • Current IP is too small for IoT– IPv4’s block space is limited and it is already depleted by American Registry of Internet Numbers. IoT concept involves trillions of new IP addresses, with each one being assigned to every new gadget that connects to the network. Some experts like Francis daCosta claim that this huge number of new IoT devices won’t be individually managed. New devices will only be accommodated by the new IPv6 protocol. This will lead to creation of many new self-organizing local networks. These small networks will enable administrators to have a closer look on devices’ security.
  • Future OS wars– Today most devices like Apple watches, sleep monitors and smart locks connect directly to smartphones and desktop computers and use their OS to run their chores and deliver data. In the future when every gadget will be capable of connecting to the network independently, they will all require their own Operational Systems. This will create a huge stir in already messy OS market, and it will be really hard to mash up data from hundred (maybe even thousand) different operational systems.
  • Hardware problemsEdith Ramirez, chairwoman of US Federal Trade Commission, is one of the first experts who realized that production of low-cost and low-quality sensor devices increases vulnerability of the whole IoT concept. Most IoT chips that are sold today are based on outdated architecture (like Quark processors). This means they are much easier to breach. That’s why IoT concept still requires standardization, when it comes to both hardware and software, which will drastically increase its security.

IoT devices require complex security

Devices that make IoT concept running require complex security that will cover all possible threats and scenarios and have multilayer approach. Question of IoT device security needs to be addressed throughout devices lifecycle and it should cover all of its phases, from initial design to real time operational environment. Devices should contain all of these security mechanisms and protocols:

  • Secure booting– from the moment device is turned on, it should go through system verification, using cryptographic digital signatures;
  • Access control– if some part of IoT device is compromised, access control should stop the intruder from obtaining more data from the network;
  • Device authentication– each device should authenticate itself prior to obtaining network access;
  • Firewalls– IoT devices require firewalls that will control incoming and outgoing information;
  • Regular patches– devices’ OS should be patched on a regular basis;

Internet of things is still in first phases of its development. It is very important to say that development of internet itself went through these phases in a very similar way. Two decades ago there were many concerns about network security, and many experts were very doubtful of its use in official communication, banking and sales fields. These concerns grew after the appearance of malware, DDoS attacks and phishing. Despite all these concerns and security risks internet now makes the world moving and represents indispensable tool in all spheres of human life. Hopefully one day, Internet of Things will reach the same status.

Get more stuff like this
in your inbox

Subscribe to our mailing list and get interesting stuff and updates to your email inbox.

Thank you for subscribing.

Something went wrong.

Games Security
Leadberry.com
A next gen B2B lead generation tool for companies – Leadberry
Gmail
Exciting Feature you need to know about Gmail
Digital Marketing
Expanding Your Digital Marketing in 2017
External Giveaway Freebie TechnoGiants Giveaway
iCare Data Recovery Pro
Giveaway #39: iCare Data Recovery Pro Free Download with License Key
Mother's Day Campaign
Freebie: TechnoGiants Celebrating Mother’s Day
iCare Data Recovery Pro License Key
Giveaway #38: Free iCare Data Recovery Pro License Key for 3 Days Only
Android iPhone
Download Manager for Android
Best Android downloading Softwares
iPhone 8
The Apple iPhone 8: Everything We Know About It!
iOS 10.3
5 things that make iOS 10.3 a milestone update
Adsense
Outsource SEO
5 tips that will help you with SEO Outsourcing
Search Engine Optimization
A Beginner’s Guide to SEO
Social Media Tips
7 Best Practices for Organic Link Building
MAC Software
DVD Copy
How do you copy DVD with DVDFab DVD Copy Software?
Able2Extract Professional 11
6 Time-Saving Tricks: Featuring Able2Extract Professional 11
Review FotoJet
Review FotoJet: Create Photo Collages and Designs for Free
Blogging Social Media
eCommerce
How to Set Up an eCommerce Store Using WordPress in 7 Steps
Instagram
Instagram Features you Should Maximize
WordPress Security
9 Simple Tips to Help Buff up Your WordPress Security!
Debit cards
The Rise in use of Credit/Debit cards in India after Demonetization
Data Recovery
Infographic: Data Loss & Data Recovery
Magento Ecommerce Website
Infographic: Magento Ecommerce Website Design and Development
Xamarin Benefits
Infographic: Xamarin Benefits for Business
Read previous post:
Data Recovery
Infographic: Data Loss & Data Recovery

EaseUS Data Recovery Wizard is a recovery software for Windows that supports file, partition and complete recoveries of data. Completely,...

Close