Security warning over the Internet of Things
11 Sep 20140 Comments
A lack of security built into devices forming the so-called Internet of Things (IoT) could be catastrophic in the event of a cyber attack, according to a new report by Beecham Research.
The report, entitled "Evolving Secure Requirements for the Internet of Things", warns that there are insufficient security capabilities within the emerging IoT standards to manage the long life-cycles expected of many connected devices.
While we may have some visibility of potential attacks over a few months, we need to protect IoT devices in the field for 10 years or longer," said Professor Jon Howes, one of the authors of the report and technology director at Beecham Research.
He continued: "Devices must be securely managed over their entire lifecycle, to be reset if needed and to enable remote remediation to rebuild and extend security capabilities over time."
This lack of security could enable "immense damage" to be wrought by cyber attackers in the future, warns Howes. He believes that the answer to these challenges lies at the architectural level for both devices and systems, and stretches from semiconductors through to network operators and system integrators. This approach underlines the need for common security objectives across the industry and interoperability within broad systems, he added.
According to Elliptic Technologies chief technology officer Mike Borza, a large part of the problem is that many of the companies involved in the internet of things are rushing to building new devices, and security comes way down their list of priorities.