The chorus of warnings about the security vulnerabilities of the Internet of Things is getting louder. At last week’s SC Congress digital security conference, Independent Security Evaluators (ISE) executive partner Ted Harrington spoke emphatically about the risks involved in the burgeoning IoT device ecosystem.
The main problem, he asserted, is the same quality at the heart of the IoT: Interconnectivity. Few consumers will care if a connected light bulb is hacked, Harrington suggested, but that light bulb could be connected to a network linking devices containing or transmitting more sensitive information, such as financial data. Even today, the most popular Wi-Fi routers are highly vulnerable; the ISE team recently tested 13 leading brands, and managed to hack all of them. In an IoT context, that could expose a trove of sensitive data.
“Connected devices enable attackers,” Mr. Harrington said. “That stuff’s not safe right now.”
It’s certainly not the first warning that has been issued about the IoT. A number of security experts have been raising the alarm, with calls for high-tech security measures such as biometric authentication to be employed on all manner of IoT devices. Fortunately, standards are starting to emerge, both from those imposed over comprehensive IoT platforms, and from industry associations like the AllSeen Alliance, which seeks to bring rivals and competitors together to work out agreed-upon standards including those related to security. A vulnerable IoT isn’t in anybody’s interest, save for the hackers.
Source: The Globe and Mail