Did you see the "Die Hard" movie where the evil hacker was able to control the traffic lights of Washington, D.C.? Well, it could really happen. The IT industry has paid attention to many forms of IT hacking and malware, protecting resources. We need to pay more attention to the many devices that are being connected to the Internet that are not traditional IT devices.
The Internet of Things (IoT) is leading up to a point where we are looking at billions of devices being connected to the Internet. IoT endpoints can be grouped into four categories: those for consumers (most common are for home automation, security, and safety), business, city, and state. Advances in wireless technologies, miniaturization, lower cost computing with more powerful chips, and large low cost memory all foster the proliferation of attractive IoT devices.
Graduate students at the New Jersey Institute of Technology (NJIT) produced an infographic on preparing for the future. The infographic provides a collection of information and statistics that illustrate the vulnerabilities of IoT.
Two examples of successful IoT use that I know of are:
The infographic sites three additional examples I found worth sharing:
There is not one solution; each will require some unique protection. The students collecting and surveying IoT security data were able to determine that:
The infographic cited an effort by the University of Michigan to hack the smart traffic lights of an unnamed city. They gained access to 100 traffic lights using a laptop and basic radio equipment -- proof that the Die Hard movie scenario can happen.
This is not to say that all IoT devices were this vulnerable. It does say the industry producing these devices needs to focus more on the security vulnerabilities. It also means that those organizations pursuing IoT endpoints must perform multiple forms of security testing and analysis of the IoT endpoints they select. Otherwise they open themselves to big public embarrassments.
Read my other previous blogs on IoT security and interoperability: Securing IoT -- Better Now Than Later, IoT Standards: Many, Not One, How IoT Endpoints Measure an Environment, Hacking IoT
