A new web app is helping to highlight the major security dangers of the Internet of Things. Called Shodan, it’s essentially a search engine with hacking capabilities. It scans the internet for connected IoT devices with open ports and no authentication, then hooks up to them to provide live webcam feeds of everything from marijuana grow-ops to babies’ cribs.
Purportedly established to highlight the security flaws of the IoT, Shodan also offers paying members tips on how to hack vulnerbale webcams, taking particular advantage of cheap devices who developers paid little attention to security. The site has prompted alarm, with concerned observers looking to government organizations like the UK’s Information Commission Office and the US Federal Trade Commission for guidance on how to protect users. Meanwhile, organizations like I Am The Cavalry, a coalition of hacktivists seeking to promote security standards for connected medical devices, are popping up to find solutions from the grassroots level.
While all of these efforts are important, the best security solutions could emerge from the industry itself. There has been a growing consensus about the need for more advanced security for the IoT among industry experts, and consortiums like the AllSeen Alliance and FIDO are working with businesses and other stakeholders to develop standards to protect their products, services, and users. The IoT cannot take off if consumers don’t feel safe using connected devices, so the issues highlighted by Shodan could be of concern to those in the IoT industry most of all.
Sources: The Guardian, Ars Technica