Wednesday, July 4, 2018

IEEE Spectrum July 2018: 6 WAYS IoT IS VULNERABLE

IEEE Spectrum 2018-07 publishes an opinion by Stacey Higginbotham about the vulnerability of IoT devices and systems:

6 WAYS IoT IS VULNERABLE

Here is an excerpt of the six reasons why security for the Internet of Things (IoT) is different from—and more difficult to tackle than—traditional IT security:

  1. We’ve raised the stakes by connecting more physical systems and facilities to wireless networks -> Consequences of failure are more dire.
  2. IoT security is a special challenge:The adversaries are unlike any we’ve seen before.
  3. For traditional IT system, one can count on the software company’s support for a
    set amount of time. What we see: it could be 10 years, 7, 3, 2, or even 0 ...
  4. A connected product that generates a small profit may require years of updates, patches, and security evaluations.
  5. Many connected devices are built with software, hardware, and firmware that are created
    by different companies and pieced together at the end. It takes only one weak link to create a vulnerability ...
  6. Many connected devices live in environments unlike any IT system. In a home, there’s no IT manager to push patches to a connected fridge. And in an industrial setting, patching one machine might cause it to stop working with other equipment on the line.

I would summarize the challenge as follows:

IoT devices and systems require in principle the same attention, efforts and resources like traditional IT systems. The sheer unlimited number of interconnected IoT devices will work securely only if we except to spend much more money than what the market expects!

Or: Today´s solutions will be the problems of tomorrow.

Click HERE for the complete document (1 page).



No comments: