Subscribe to our Newsletter | To Post On IoT Central, Click here


Securing IoT Consumer Devices

As consumer electronics manufacturers release new gadgets for the holidays, security is likely to be the last thing on people's minds. Devices like Apple’s HomeKit turn your iPhone or iPad into a remote control for lights, locks, the thermostat, window shades and even your doorbell, making typical iOS functions like Siri voice-based extensions of controlling a smart home.

Yet even if most electronics on a home network employ top security standards, all it takes is a faulty webcam for an attack to happen.

We just saw this with internet infrastructure company Dyn in late October. Mirai malware took advantage of default, easy-to-guess passwords on the webcams of unsuspecting consumers, leading to a massive Distributed Denial of Service (DDoS) attack temporarily shutting down popular sites like Twitter and PayPal.

Along with Apple’s Authentication Coprocessor, HomeKit’s end-to-end encryption helps mitigate the risk of hacking. The coprocessor only sends a certificate that allows an iOS device to unlock an accessory (like your home’s light dimmers, thermostat and power meter) after the accessory completes a challenge sent by the iOS device. Any Internet of Things device that connects to this network, however, may not have the same robustness rules in place.

According to the IoT graphic from Arxan below, the number of devices connected to the internet reached 6.4 billion in 2016. Thus, in-home communication network security is only half the battle for consumers, as the cars they drive are increasingly becoming connected as well. Car manufacturers have different OEMs when it comes to displays and in-vehicle digital storage, meaning that all devices in a connected car may not use end-to-end encryption. Code scanners can interrupt critical functions and if you look further into automotive IoT security you’ll find that many parts of a vehicle that have been around for years--like the OBD2 port for engine diagnostics and on-board computers--could potentially be decrypted and injected with malware.

 

 

Email me when people comment –

You need to be a member of IoT Central to add comments!

Join IoT Central

Comments

This reply was deleted.

Upcoming IoT Events

6 things to avoid in transactional emails

transactional man typing

  You might think that once a sale has been made, or an email subscription confirmed, that your job is done. You’ve made the virtual handshake, you can have a well-earned coffee and sit down now right? Wrong! (You knew we were…

Continue

More IoT News

IDG Contributor Network: 20 awesome Apple websites

Apple is one of the richest, best known companies on the planet. Apple’s products generate reams of news, reviews, discussions and opinion columns everyday around the web.

But the company’s very prominence can make it hard to know which…

Continue

IoT Career Opportunities