It looks as if the mainstream media is waking to the security implications of the “Internet of Things,” in the wake of recent demonstrations at the Black Hat and DEFCON conferences that highlight vulnerabilities in everything from home automation systems to automobiles to toilets.
Stories in The New York Times and other major news outlets in the last week have highlighted concerns about “the cyber crime of things” as Christopher Mims, writing in The Atlantic, called it. Insecure, Internet connected devices ranging from surveillance cameras to home heating and cooling systems could leave consumers vulnerable to remote attacks and spying.
The stories come after hacks to non-traditional computing platforms stole most of the headlines from this year’s Black Hat and DEFCON shows in Las Vegas. A compromise of a Toyota Prius hybrid by researchers Charlie Miller of Twitter and Chris Valasek of IOActive was featured prominently in stories by Forbes and others.
By and large, the articles don’t break any new ground. “Build it and (the hackers) will come” is a common refrain. That’s absolutely true and – as Nick Percoco told us in his interview two weeks ago, device manufacturers need to pay more attention to security, rather than assume (as home automation device maker Mi Casa Verde does) that the people buying their devices are technically sophisticated users who would rather have all the bells and whistles enabled than to have a device that’s secure by default.
“We know from testing corporate clients, many corporations don’t have secure wireless networks, let alone consumers,” Percoco told us.
An equally important issue is raised by Mims at The Atlantic. Namely: what are the privacy implications of living in homes and public spaces that are bristling with remote sensors? Surely there are benefits to be had: nudging your thermostat up on the drive home from work. But in an age of ever more present government and private sector surveillance, the ability of others to see into our private lives and infer our behavior increases with each new sensor that is deployed.
“Once entire homes are fully instrumented with sensors, there is no end to the kind of data that hackers and governments could gather about us and our habits,” Mims writes. Indeed.
Paul speaks with Sudhakar Ramakrishna, the CEO of the firm Pulse Secure
Watch as Paul Roberts, editor-in-chief of Security Ledger, talks with Todd Morneau to better understand RSA Labs and the innovations coming from this group.
In a longer discussion, Paul Roberts, editor-in-chief of Security Ledger, talks with RSA Chief Technology Officer Dr. Zulfikar Ramzan about the technology trends influencing the future of cybersecurity in their opinion.