Now that we’ve begun the new year, it may be the best time to revisit Internet of Things (IoT) legislation (even though the relevant bills have been on the Hill since the summer).
A recently introduced bill addresses perceived vulnerabilities in the security of IoT devices sold to the federal government, and medical devices that connect to the Internet. IoT device manufacturers would also have responsibilities to ensure security over the life of the devices. The counter-argument to this legislation, however, is that disclosure and certification requirements could create additional liability for device manufacturers.
Source: Regulation is the best hope for IoT security – imagine that! | CSO Online
Today, each one of us is knowingly or unknowingly a protagonist in a digitally connected world. Our every move is recorded. However, instead of beaming these mundane details out to the world, our information is being used by marketers and organizations who analyse and dissect it to tailor-make their goods and services for us.
Some of this is happening with our consent.
For instance, at any given time, we have Apple’s Siri or Amazon’s Alexa with Echo or Google’s virtual assistant listening in to our conversations to do our bidding at our call.
Source: The dark side of the Internet of Things | Livemint
While medical equipment has long presented thorny security problems, Internet of Things devices in hospitals bring entirely new, and often daunting, cyberthreats.
Take Mirai malware as just the latest example. In late 2017, cybersecurity experts discovered a new variant of Mirai, which transforms Linux networked devices into remote-controlled bots that can be used as part of a botnet in major network attacks. This new variant was designed specially to attack Internet of Things devices.
“The attack is a distributed denial of service attack, meaning the malware now can commandeer previously immune devices and use them to target large amounts of traffic at other devices, causing them to fail due to resource exhaustion,” explained Mike Ahmadi, global director of IoT security at DigiCert, a cybersecurity company that specializes in digital certificates, SSL, encryption and the IoT. “What is particularly onerous is that there are an exponentially larger number of devices – potentially billions – now susceptible to the malware, dramatically increasing the number of potential attacks.”
Source: Special Report: The policies, processes and technologies to guard the IoT for healthcare | Healthcare IT News
A tether or a battery? The growth of the Internet of Things (IoT) is limited by these two unsatisfying options. Have you ever wondered what provides power to all of those hotel room card key locks? It’s batteries that die and have to be changed. Most video surveillance systems are tethered, mobile phones use batteries, RFID readers are tethered, drones usage is limited by battery life, and so on. Why are smart thermostats and doorbells selling so well? It’s because the power supply is already there. Show me a source of power and I’ll show you a great IoT application.
Try to imagine what the world would be like without these constraints. Of course, we’d all love our phones to be fully charged all of the time, but wireless power has implications well beyond that. Imagine lightweight powerful lawn mowers and yard tools that just work; drones that could stay aloft indefinitely; industrial sensors that could be attached to anything, anywhere; or security systems that could be deployed quickly and easily. IoT devices would crop up everywhere, helping us in ways that we haven’t even thought of yet.
Source: What’s holding back the Internet of Things? Power | GeekWire
There are innumerable ways to die and now, a US government agency wants to discuss some new, internet-connected ones. The Consumer Product Safety Commission is now accepting public comments on “potential safety issues and hazards associated with internet-connected consumer products.” In short, please tell the government about your ideas for Final Destination-style, internet-of-things-related deaths.
Source: US Agency to Debate How the Internet of Things Could Kill You | Gizmodo
After years of worry, the long-anticipated backlash to the changes wrought by the Internet of Things may finally be arriving. That could be a good thing.
As pretty much everyone knows, the Internet of Things (IoT) hype has been going strong for a few years now. I’ve done my part, no doubt, covering the technology extensively for the past 9 months. As vendors and users all scramble to cash in, it often seems like nothing can stop the rise IoT.
Maybe not, but there have been rumblings of a backlash to the rise of IoT for several years. Consumer and experts worry that the IoT may not easily fulfill its heavily hyped promise, or that it will turn out to be more cumbersome than anticipated, allow serious security issues, and compromise our privacy.
Source: Is the IoT backlash finally here? | Network World
It was a peaceful day in the international company’s computer operations centre until, at 13.07, the monitoring services detected that there were several simultaneous attempts to probe a non-existent workstation. Four minutes later, a VHDL server attempted to access a Google search. And, four minutes after that, external friends confirmed that they were seeing potential broadcasts from the company to known bad sites. (External friends are other companies who mutually monitor sites.) At 13.20 – 13 minutes after the first recorded incident – instructions were issued that all the company’s sites should close down their IT activities. By 13.25 all external connections, including landline telephones, were closed down and all named machines were locked down. By 13.40 all on-site networks and machines were shut down – including printers and other intelligent peripherals – and remote users were being instructed to shut down. At 13.45 all the named representatives of a pre-defined Incident Response Team (IRT) left their remote sites for the central location and by 15.50 it was clear that all remote users were shut down.
Source: A Tale to Make Your Blood Run Cold | EEJournal
Internet of Things product manufacturers must get their act together and secure their devices or they risk creating new ways for wrongdoers to commit crimes, a senior police officer has warned.
“All new technologies, all changes in the way that society is ordered — particularly if it is technology — always has a crime harvest. So, when cars were invented, people started drink-driving and stealing cars and it’s exactly the same with the Internet of Things,” said chief constable Michael Barton, head of the Durham Constabulary.
Source: An Internet of Things ‘crime harvest’ is coming unless security problems are fixed | ZDNet
Everyone’s heard of the IoT – smart thermostats, Internet-connected refrigerators, connected lightbulbs – but there’s a subset called industrial IoT that has a much more significant day-to-day impact on businesses, safety and even lives.
The term IIoT refers to the Industrial Internet of Things. In broad strokes, it’s the application of instrumentation and connected sensors and other devices to machinery and vehicles in the transport, energy and industrial sectors.
Source: What is the Industrial IoT? And why the stakes are so high | Network World
With the growth of connected devices and the internet of things, consumers must adopt simple steps to help keep themselves cyber secure.
By the end of this year, there will be more than eight billion internet of things (IoT) devices connected worldwide, according to analysts Gartner – from electricity meters to smart fridges.
Many families buy such gadgets without imagining they might pose a security risk, but they still tend to be less well-secured than devices such as PCs. This means that families should be careful both when choosing and setting up their IoT devices, according to Det Insp Mick Dodge, National Cyber PROTECT coordinator with the City of London Police.
Source: Is cybersecurity keeping up with the internet of things? | The Telegraph