31 C
Sunday, July 21, 2024

IoT Security

Towhidul Haque RoniSoftware Engineering Senior Analyst, Accenture

Nowadays everybody is talking about Internet of Things (IoT) but not many are talking about its security. Suppose, your friend told you that, hackers will use your air conditioner (AC) to hack your facebook password. It may sounds very funny to most people. But in reality where IoT devices are continuously increasing and they are really sharing their information to each other including social media with authentication, it could be a common breaching scenario. It is the high time to be concern about the IoT security, especially for the device manufacturers, developers, service providers and network operators.     

All of us have more or less idea about what IoT is. It refers to machines talking to each other which is known as device to device communications. Fifteen years back we were only concern about protecting our PC and about ten years ago we start to protect our smartphone, tabs etc. Now we have to think about the security of the smart watch and wearables, thermostats, cars, lights, refrigerators, home appliances. It is estimated that, within 2020, the number of connected devices will be exceeds 40 billion. These devices are very attractive to the hackers. For example, the baby monitor device can be hacked to watch unauthorizedly, provide access to others, change the settings etc. If they hack the connected car, they can be able to break the car in the middle of road or can open the door locks or accelerate the car unknowingly. Even in the worst scenario hackers can hack personal medical data or bank information from wearables.

At present we have observed that both manufacturers and the users are careless about their IoT devices. Device manufactures are in the race of releasing new devices or new version of the devices and they rarely provides the firmware updates for old devices. So, initially the device might be secured but later hackers found the loopholes and manufactures are not interested to update the old device, thus the door remains open to the hackers. On the other hand users are also careless, often they are too lazy to change the default password or upgrade the firmware or the OS of the devices. On PCs, smartphones or tables updates are happening automatically, but for the IoT it is still quite challenging.

A recent report from HP shows that, 70 % IoT devices are vulnerable to attack. We have to think about the security from the day one. We have to predict the lifecycle; also have to provide time to time security updates. Authentication system must be improve without compromising the user experience. IoT network should be secured from the device to the back end system on internet including end point features such as antivirus and antimalware. Another most important concern is data encryption. Data should be encrypted with standard cryptographic algorithm though out the networks.

There is no doubt that IoT is the next future of IT, but the security risk of these IoT devices can’t be ignored. It is the high time to think about the IoT security to make our future life secured and hassle free.

Related Articles


Cloud Computing Security Issues, Threats and Controls

Cloud Computing and service models  The official NIST definition (NIST 800-145) of cloud computing says, “Cloud Computing is a model for enabling ubiquitous, convenient, on-demand...
API and Open Banking

API and Open Banking: Way for New Service Innovation for Banks and FinTech Companies

The people who gathered at a hall room of a city hotel in last month had one thing in common—they all are working in...
ISO 2001

ISO 27002: 2022 Implementation vs Reality

After almost a decade, ISO27001: 2013 is going to publish its new iteration of ISO27001:2022 in second (2nd) Quarter this year1. But prior to...
Deepfakes: The Synthetic Media I want to believe

Deepfakes: The Synthetic Media I want to believe

What Are Deepfakes? A deepfake is a sort of "synthetic media," which refers to material (such as images, audio, and video) that has been modified...
The power of API platforms

The power of API platforms brings the open banking promise into sharper focus

Open banking is a global phenomenon whose merits are felt in virtually every time zone, including those in the Asia-Pacific region. In contrast to...
Blockchains Gaming and Collusion

“Blockchains: Gaming and Collusion- A Reading in Political Economy”:  Futuristic Exploration with Fact-based Analysis

In this digital age, it has become quite common for us to constantly remain mesmerized by fascinating technologies.  However, deeper thoughts about those technologies,...