As the era of connected devices growing, security also need to be increased. One of major issue for Internet of Things is the security.
Security Entrepreneur, Chris Rouland, bet his next company, an Internet-of-Things-focused security startup called Bastille, on the risks of hackable digital objects. And he argues that public understanding of those risks is on the rise. “2015 has been the pivotal year when we saw awareness and vulnerability discoveries published about ‘things’,” Rouland says. He’s added a new slogan to his powerpoint presentations: “Cyber Barbie is now part of the kill chain.”
Wired elaborates some hacks of Internet of Things on 2015:
Some hacks that has happened in Automobile with Internet of Things are:
1. At the DefCon hacker conference in August, Marc Rogers, principal security researcher for CloudFlare, and Kevin Mahaffey, co-founder and CTO of mobile security firm Lookout, revealed a suite of vulnerabilities they found in the Tesla Model S that would have allowed someone to connect their laptop to the car’s network cable behind the driver’s-side dashboard, start the $100,000 vehicle with a software command, and drive off with it—or they could plant a remote-access Trojan on the car’s internal network to later remotely cut the engine while someone was driving. They even found that these vulnerabilities do not need physical access to the car first.
2. Researchers at the University of California at San Diego showed that they could remotely exploit a small dongle that insurance companies ask users to plug into their dashboards to monitor their car’s speed and acceleration. Through that tiny gadget’s radio, they were able to send commands to a Corvette that disabled its brakes.
Internet of Things Devices are not all about hacked cars. Medical equipment and devices also have some weaknesses.
1. Students at the University of Alabama showed why Cheney’s cardiologist had cause for concern this year when they hacked the pacemaker implanted in an iStan—a robotic dummy patient used to train medical students—and theoretically killed it. “[W]e could speed the heart rate up; we could slow it down,” Mike Jacobs, director of the university’s simulation program told Motherboard. “If it had a defibrillator, which most do, we could have shocked it repeatedly.”
2. The Federal Drug Administration, which oversees the safety approval process of medical equipment, has taken note of the problems found in all of these devices and others and is beginning to take steps to remedy them. The federal agency began working this year with a California doctor to find a way to fix security problems found in insulin pumpsspecifically. But the remedies they devise for these pumps could serve as a model for securing other medical devices as well.
The problem with medical devices is they cannot be fixed with a simple software patch. instead, they require the systems to be re-architected.
With all of these vulnerabilities, i guess IoT company needs to improve their security system. Adding some robust security framework can help them gain trust from the customers. We don’t want our car being hijacked, aren’t we?