Subscribe to our Newsletter | To Post On IoT Central, Click here

Security (104)

The IoT is already shaping modern society in various ways. While many of these are positive aspects that result in streamlined communications, easier access to information and a greater quality of life, there are some major roadblocks in the push toward widespread IoT implementation.

One of the primary concerns revolves around the security of IoT-connected devices. A demonstration by Avast at the Mobile World Congress (MWC) in Barcelona recently uncovered a flaw in current-gen IoT infrastructure. Not only can they potentially gain control over tens of thousands of different devices, but they can also use the assembled processing power to mine $1,000 of cryptocurrency in a matter of days.

Identifying the Easiest Targets

Although Avast's demonstration didn't involve a full-scale replication, it underscores serious security flaws in the nature of current-gen IoT devices. If a widespread attack did occur, hackers would likely focus on the weakest targets.

Unsecured home networks are ideal for this sort of hack. As the average homeowner continues adding new smart-devices to the home, the hacker's job becomes even easier.

The task of hacking into thousands of unsecured home networks and taking over 15,000 or more devices might be insurmountable for a lone hacker, but a team of experts could readily pull it off and begin mining cryptocurrency without the owners' knowledge.

Some hackers might target small businesses or even larger corporations. As these networks easily contain the necessary number of IoT-connected devices, an individual could quickly gain control over thousands of different systems.

Mining, in this context, is a process of verifying transactions across a cryptocurrency-backed network. Cryptocurrency miners use various tools — including hardware and software utilities — to solve sophisticated mathematical algorithms and, as a result, generate digital monies that are tradable for real-world goods or cash.

Since coins are often used for nefarious or downright illegal activities, hackers try to use the accounts of unsuspecting victims whenever possible to maintain anonymity and cover their tracks.

Many popular coins, like Bitcoin, require advanced hardware that’s available in current-gen smart-devices. But other cryptocurrencies, like Monero, are made to harness the power of many individual machines simultaneously.

Similar Incidents in the News

A flaw like this isn't the first time that IoT-connected devices have been proven vulnerable to hacking. As reported by IBM X Force, a revised version of the Mirai botnet is programmed to take over a device and mine cryptocurrency via Linux.

Mirai is disheartening to security experts. It was the botnet responsible for a 2016 DDoS attack that caused massive service outages on sites like Netflix, Reddit, GitHub, Twitter and more.

According to a statement released by IBM X Force, the botnet gains entry into a system via the BusyBox program on Linux-based machines. Considering that Linux runs some of the largest and most popular websites, operating systems and software packages, the potential for exploitation is very serious.

Fighting Back

Fortunately, you can take some steps to secure your network from outside threats — including the latest botnet hacks. Always make sure your devices are on a secure network and protected behind a strong password.

Update your hardware with the latest updates as soon as they're available from the manufacturer, and use software protection — like antivirus and anti-malware utilities — on smartphones, tablets, laptops and desktop computers.

To make the job even harder for would-be hackers, avoid connecting to public Wi-Fi whenever possible. Never keep your personal devices on the same network as your primary desktop or laptop, as this makes it easier for cyber-criminals to jump from one system to another.

Finally, make sure to change the default login credentials on any new device you add to the network. Many come with generic information that is easily exploited.

How the MWC Is Protecting Our Networks

The Mobile World Congress — dubbed the "world's largest gathering for the mobile industry" — is organized by the GSM Association. Sometimes known as the Global System for Mobile Communications or simply "the GSMA," the organization began hosting events in 1987. It remains the largest conference in the mobile industry, and it continues to highlight new security flaws and solutions — including problems with IoT connectivity — to this day.

Stay up to date with the trends of these devices and activity surrounding them, and you’ll have a better shot at fighting back against hackers.

Read more…

IoT Cyber-Security Puzzle

Image courtesy: Pixabay

I recently attended one of a significant [email protected] Internet of Things event which featured keynotes, speeches and presentations from CTOs/SVPs-Tech/VPs of major IT firms. Attending these presentations sometimes give you a feeling of being in literature or a rhetoric club where instead of hearing context oriented speeches you get to listen to a bunch of fairy tales with almost every sentence including overused adjectives like “trust”, “motivation”, “responsibility” and so on.  An SVP of a major IT player was asked about the measure (technical) her company takes to ensure data integrity and prevent cyber-attacks. Interestingly, her answer to this was the statement that “they maintain a culture of trust in and around the company”. To me, it is like standing in front of a hungry lion and telling him that you believe in non-violence. Today in the age of internet and IoT, we have to deal with thousands of cyber criminals (hungry lions) who are waiting to penetrate the system and make most out of it. To keep them out you need a lot more than just “trust”.  

On the same event, I had an opportunity to talk to many cybersecurity experts and companies, and I confronted them with a question of mentioning at least one relevant cybersecurity norm/standard/certificate pertinent for each major component in an IoT stack. Unfortunately, most of these discussions turned into some sales pitch. The question one can raise at this point is that is it so challenging to mention at least one “state of the art” cybersecurity measure for every IoT component? Or just that the topic is underestimated? 

This blog is just an attempt to name a relevant security standard/certificate or measure for every major element in IoT stack (see below) without going deep into the details of each and very standard/norm or certification. 

For this sake, we will assume a simple IoT stack as illustrated below :


Fig.1: IoT stack of a simple use case

In this use case, an industry sensor collects the physical parameters (temperature, pressure, humidity etc.) and transmit the values via Bluetooth/Wifi/wired connection to the gateway or edge device. The gateway device, depending on the type (simple or edge) perform a certain minimal calculation on the received data and push it into the cloud via a Wifi/4G connection. The cloud collects the data and uses this data to feed desired micro-services like analytics, anomaly detection etc. Cloud also offers an interface to the existing enterprise and resource planning (ERP) system to synchronize the running process with the current one as well to provide product /service related information over the IoT platform to the end user. What the user sees on his screen is then the dashboard of IoT use case which is a graphical representation of the micro-services running in the background. 

As we can see, there are four to five main stages and at least three interfaces (sensor-gateway, gateway-cloud, cloud-user) in a typical IoT use case. These stages and interfaces are on the target of cybercriminals who try to hack into the system with the intention of either manipulating or hi-jacking the system. Safeguarding just the components is not adequate. The underlying IoT communication layer (Bluetooth/Wifi/4G etc.) need to be secured as well.  Also, organisations running or involved in such IoT use cases must ensure safety and integrity of the process, technical as well as user data through a certain information security management system (ISMS) in place. 

To sum up, we need security measures at a component, communication-interface and organisational levels. Now if I have to write state of the art or “best in class” security measure (excluding cryptography) next to each stage, communication type and interfaces in the diagram above, then the resulting picture might look like the one below. 


Fig.2: IoT stack with relevant cyber-security measure


What, in your opinion, could be included/excluded or replaced in this diagram? Feel free to share your opinion.


Read more…


The Internet of Things — or IoT — is taking the IT sector by storm. Although it only boasted two billion systems in 2006, it's set to reach 200 billion connected devices by 2020 — and even more beyond that.

As companies and consumers all continue to explore the benefits of the IoT, one thing has become clear: the IoT needs proper encryption.

Given the sheer amount of online and network-oriented threats today — including everything from traditional viruses to advanced malware and malicious computer coding — data encryption is necessary to ensure the long-term success of the IoT.

Establishing these protocols while the IoT is still in its infancy will provide additional integrity to IoT-fueled projects and generate increased interest in the platform as a whole.

Overcoming the Roadblocks to Success

Modern society is well on its way to embracing the IoT for everything from industrial automation to in-home convenience, but there are two significant roadblocks to the platform's success.

1. Power Consumption

Today's IoT networks, which contain servers, access points and peripheral devices, consume enormous amounts of power altogether, but some tools require more power than others. 

While traditional network-level encryption tools are optimized for larger systems and infrastructure, they don't always scale down to smaller formats in an efficient or viable manner.

Developing a chip with higher energy efficiency and the ability to scale down minimizes the strain on current and local power grids and makes it easier to secure individual devices via existing encryption methods. 

2. Data Security

Consumers have received an enormous dose of reality in the 21st century. Those who haven't fallen victim to a cyber attack or hack probably know someone who has. The number of data breaches involving consumer information is troubling.

There are even rumors of foreign entities interfering with U.S. elections, including the 2016 election of President Donald Trump. Data security is in the spotlight now more than ever before, and it's a tremendous obstacle for the IoT to overcome.

However, a new chip manufactured by the team at MIT solves both of these problems. Not only does it focus specifically on public-key encryption — a straightforward and user-friendly method of modern encryption — but it also consumes 1/400 of the power of comparable chips.

It also uses 90% less memory than current chips, which lets researchers execute commands and complete processes up to 500 times faster.

Encrypting Consumer Data via Mathematics

The newest chip utilizes elliptic-curve encryption. It's a highly sophisticated, dominant form of data security often used in HTTPS connections. MIT's latest advancement efficiently breaks this system down for use on the individual devices that comprise the IoT.

As noted by the team at MIT, "cryptographers are coming up with curves with different properties."

The new chip is flexible enough to support all the known curves in use today, giving it maximum compatibility with different organizational and governmental standards. The team hopes to implement additional support for any future curves, as well.

Making Advancements in Artificial Intelligence

The team at MIT is also making headlines in the area of artificial intelligence (AI). Between self-driving cars and increased automation both in the factory and the home, AI is a hotbed of debate. Whether consumers are in favor of automation or against the idea altogether, one thing is for sure: AI-driven robots must operate by an acceptable set of ethical standards.

Just like encryption, it's a subject that invites multiple interpretation and solutions.

To spur development into the future of AI ethics and programming, MIT recently took a poll of the online public. By seeking the input of the average consumer, the school hopes to play an essential role in how next-gen robotics make decisions, prioritize tasks and interact with their human counterparts on a daily basis.

How MIT Is Safeguarding Our Future

Between the increased need for data security and sophisticated AI, IT experts have their work cut out for them.

The work of individuals and groups like the team at MIT is already making headway into these areas, but society is only at the beginning of what will likely become a long-term, complicated relationship with technology.

Image by Kevin Ku

Read more…



IoT security challenges


IoT is a complex network of billions of Internet-connected devices that collect and transmit huge amounts of data across of a wide range of devices (sensors, robots, machinery, mobile apps, digital assistants, etc.) and integrated systems. Also, the data have to pass different administrative boundaries with different policies. Certainly, all of it creates challenges for protecting the IoT ecosystem.

First, companies and organizations have to ensure privacy and confidentiality of user data. Second, data communications should be protected at all levels. So, when building an IoT solution, take care of the “right” data delivery including the right place, time, and form. Third, make all interactions traced and monitored so that suspicious activities will be instantly detected.

There are many IoT security risks and challenges you should know and prevent when developing an IoT project. In terms of increased worry about cyber attacks and data privacy, companies have to establish new security models and integrate innovative technologies. In the IoT world, the use of Blockchain is an emerging trend promising to solve most or even all of IoT security issues.


What is Blockchain


Blockchain is a technology of the distributed ledger that maintains a continuously increasing number of transactions. Representing an immutable and inconvertible record and being based on cryptographic algorithms, Blockchain provides data security and protects data.

As Blockchain is decentralized, there is no central authority or regulatory body required for transaction approval and management. A distributed technology nature makes computer servers to come to a consensus, allowing transactions to be carried out anonymously and without intermediaries.

Blockchain is also about trust: cryptography is used to prevent technical data forge and distortion. In the chain of blocks, each block contains a hash serving as a link to the previous one. Thus, it’s impossible to substitute an intermediate block in the finished chain.

So, Blockchain provides a high-security level. While the tool is the same, it has many successful applications in a variety of business industries. Mika Lammi, Kinno’s Head of IoT Business Development, Kouvola Innovation Ltd, said: “I believe Blockchain to be one of the truly disruptive and innovative application areas in the world now, and that it will create huge waves across all imaginable business sectors”.


Blockchain and IoT


Coming up with decentralized, autonomous, and data protection capabilities, Blockchain has a great potential to secure the IoT ecosystem. In the Internet of Things, Blockchain can keep an immutable record of connected devices’ activities and automatically maintain the history of their communications.

What’s more, by integrating the technology, companies and organizations can allow trustless safe message exchanges between IoT devices. In this case, Blockchain will work like in financial transactions: data is transmitted between multiple devices and delivered to the places required. To enable peer-to-peer messaging, businesses can integrate Ethereum smart contracts serving as the agreement between two parties.

For example, let’s take Blockchain and IoT linked together to improve manufacturing operations. Here the use of Blockchain can enable smart devices to not only exchange data, but even automatically execute financial transactions. IoT devices monitor machinery and equipment health, alert managers about problems, and order repairs when required.

In the agriculture industry, farmers can place IoT devices to collect data about crops in order to ensure an efficient functioning of the irrigation system. Smart contracts describe how the solution parts (analytics system, sensors, etc.) should behave based on the conditions defined. This approach helps provide automatic water management.


Blockchain advantages for IoT security:


  1. Immutable record of all data communications
  2. Monitoring of suspicious activities
  3. Prevention of data forge and distortion
  4. Peer-to-peer messaging between IoT devices
  5. Autonomous functioning of smart devices


Today, Blockchain is one of the most promising trends in IoT security field. Decentralized and data protection capabilities make Blockchain a perfect part of IoT solutions. Understanding the technology prospects, many companies have already integrated Blockchain to solve IoT security challenges.

Read more…

Botty Media

The revolution of digital technology has disrupted and transformed the entire Media Industry. The evolution of print to online media has significantly impacted the individual, business, society, and nation overall. The digitization has changed the judicious "decision-making" capability of an individual which can make or break something powerful in this world. 

The advent of the Internet and transformational technologies have redefined the way we gather, receive and consume the news today. During the Pre-Internet era, it was challenging to get international or even national information without the Newspaper which slowly evolved to Radio, Television, and Social-Media. 

With time, 'Time' became the most significant challenge which a man is always battling especially in the fast-paced mechanical world. This challenge paved the way for one of the biggest business opportunity for Media Industry in the world. Mobility became the future, and with this development, the media rapidly advanced itself in the era of social-media by providing online-news via apps which led to the decline of the print-media businesses. 

However, the ever-growing influence of online social media gave birth to the 'Fake News or Yellow Journalism which refers to journalism that provides little or no legitimate or well-researched news. Instead, they present headlines story that is eye-catching and sell more newspapers. The media and all other superpowers in the Industry who wanted to manipulate adopted methods such as exaggerations of news-events, sensationalism, scandal-mongering, deliberate hoaxes or misinformation via print and broadcast news media or online social media. 

The fake news is published or written with the explicit intention of misleading to damage the reputation of an entity, agency or a person, and or to gain politically or financially, often using outright fabricated headlines to increase readership, coverage, online sharing, internet click revenues or any hidden business motivations. 

To top it all the technology has proven advantageous to players in the 'Fake News.' The 'Bots' are designed with the intelligence and robotic power to perform any automated task without human intervention. In the case of online media, they are programmed to gather and collate 'Fake News' that could make or break any business, people, society or a nation. 

Let us take the recent case of 2016 US presidential election, according to the CBS News the stories which consistently featured in Google's top news search results were widely shared on the Facebook and they were taken seriously by the readers. Mark Zuckerberg, CEO of Facebook, made a statement, "I think the idea that fake news on Facebook influenced the election in any way, I think is a pretty crazy idea." A few days later, he blogged that Facebook was looking for ways to flag the fake news stories. Angela Merkel expressed her concern by discussing the topic on Fake News and Bots which can manipulate public opinion is committed not to use social bots for her campaign strategy.

However, demonizing bots might cause society from overlooking the possibility of using the same bots for the good of mankind. Be it a Bot or Chatbot it can be the optimal tools for eliminating the fake news from the system. Using Artificial Intelligence (AI), the bots can be programmed only to collate legitimate news whose data source has been validated. Apart from eliminating the rudimentary system of reporting, the 'AI Bot or Chatbot' will automate the entire online news reporting system and slowly eradicate the yellow journalism from its roots. 

To summarize, the 'Media Industry' should collaborate with Technologists and Subject Matter Expertise for designing and developing AI Bots that can bring in the Next-Gen online news reporting system which will be instrumental in eliminating the 'Fake News' from the system and help establish people's trust back in the power of the Social Media. More importantly, reinstating the judicious decision-making capability of an individual. 

Read more…

Evolution of Drones

It is the 'Era' of Unmanned Aerial Vehicles (UAV), or Unmanned Aerial System (UAS), an all-encompassing term which includes the aircraft or the UAV, and the ground-based controller (the person operating the machine), and the system of communications connecting the two, commonly known as 'Drones.' 

Today, the drones are revolutionizing the world and businesses which hardly anyone could have ever imagined. UAVs or drones was an aircraft without a human pilot aboard. UAVs include both autonomous drones and Remotely Piloted Vehicles (RPVs). 

According to the brief history "The U.S. military experimented with pilotless aeroplanes as “aerial torpedoes” or flying bombs far back during the first world war, but with no significant success—until the Vietnam war, when jet-propelled, camera-equipped drones built by Teledyne-Ryan were launched and controlled from U.S. Air Force C-130s. 

"Abraham Karem born in 1937, is regarded as the founding father of UAV (drone) technology. "Karem built his first drone during the Yom Kippur war for the Israeli Air Force. In the 1970s, he moved to the USA and founded his company Leading Systems Inc. He started the manufacturing of his first drone 'Albatross' in his home garage. Later on, the sophisticated 'Amber' which eventually evolved into the famous 'Predator' drone that brought him the title of "drone father". Karem has been described by The Economist magazine as the man who "created the robotic plane that transformed the way modern warfare is waged, and at the age of 80 he continues to pioneer other airborne innovations." 

The UAVs or drones were associated with the military and those used by the US Air Force for surveillance, small intelligence, and reconnaissance craft of which some of them were light enough to be launched by hand, medium-sized armed drones to large spy planes. However, with the technology that is in use is incredibly advanced. It uses Artificial Intelligence (AI), GPS, 3D scan, Biometrics, to Robotics and remote control to pilot essentially unmanned aeroplanes of different sizes, weights, reaching new heights figuratively and literally. 

Let me discuss some of the significant use-cases of the Military or Law enforcement Drones:

1. Air Strikes: The UAVs or drones are used for air strikes. According to President Obama, the US Military used drones to attack militants in the tribal areas of Pakistan. The drones hover over the suspected areas to fulfil the military operation.

2. Bomb Detection: The increasing frequency of terrorist attacks which the world has witnessed in the recent past can be mitigated with the help of drones. Small size drones can easily penetrate into the restricted areas. The inbuilt cameras make the drone highly suitable for bomb investigations. Thus the UAVs are apt for detecting the unexploded bombs and securely dealing with a potential bomb threat. 

3. Surveillance: Any country's Defence tends to conduct periodic surveys to ensure the protection of the place and its people usually. The drones are also used for criminal surveillance which could help trace missing persons, a search of criminal gangs or mafia groups. In 2009, the drone from Dayton carried out surveillance for 200 hours across cities. This helped in capturing the images of thirty-four murders as they happened in real-time. These attacks were carried out by a cartel, and the footages helped the Police to get to the perpetrator's getaway, vehicles and their various accomplices. 

4. Hostage Negotiation: The future of the drone could be an application of tiny drones, the size of an insect which will be capable of revealing the happenings in a hostile location. It is believed that the manufacturers will be able to provide 'Biomimetic' designs which will be suited to mimic nature along with the 3D depiction scan for appropriate handling of a hostage situation. The drone will help show precise details of exact happenings in the given locations without risking the lives of the security personnel. The drones will be of good use in conducting negotiations without the need for sending a negotiator to the hostage site. Instead, it can be achieved by sending a drone with a facility for a facetime chat with the hostage-taker. 

5. Crime Scene Analysis: Drones play a significant role in the future crime scene investigations due to the drone's ability to take photos and inspect the scene without any contamination of the pieces of evidence. Hence, the investigation team will not risk mistakes like footprints and fingerprints which were not supposed to be there. The police also could use drones to trackback discarded weapons from the crime scene location. Drones to help create maps for prosecuting or solving various crimes and documenting the evidence to convict the criminals who have walked-out scot-free due to lack of sufficient documented proof against them. 

6. Drone in Drug Interdictions or Tracing Missing Persons: Today, drones that are equipped with spectroscopic sensors help in detection of the meth labs, and similar use case can be applied for the storage of drug at sites to help in dealing with the menace of the illegal drug trade. It is most common for some close person to have gone missing. There have been several cases when a child has gone missing in a large crowd, or a person with Alzheimer disease has wandered from home. The drones equipped with cameras, facial recognition or license plate readers software will be able to swiftly and efficiently search and track the missing people. These drones will transform the way the future search operations of the missing people are conducted.

Military usage of UAVs or drones has become the primary use in today's world. According to Goldman Sachs, military spending will remain the primary driver of drone spending with an estimate of $70 billion drones by 2020. According to the latest news, "The US Military's latest autonomous aircraft is radically changing how they resupply units in the combat zone. It is all about keeping the troops safe and saving lives. The UAV helicopter is meant to resupply forces in combat zones quickly delivering ammunition, water, batteries, and even blood before returning to base. With no need for pilot or crew, it could eliminate the need for troops to fly or drive supplies to hostile, fire or dangerous roadways. The project is a partnership between the office of Naval research and tech company Aurora Flight Systems."

These are some of the use-cases of the Military or Law-Enforcement UAVs or Drones which I have discussed here. However, in my next couple of articles, I will be addressing the Non-military or Commercial, Personal and Future use-cases of the UAVs or Drones that has disrupted and transforming the world. 

To conclude, the drones will play a vital role in the resolution of future conflicts and the replacement of the human pilot. Drones are also cost-effective, time-saving and life-changing. Although, the application of drones in the Law-Enforcement domain is niche but will need the Federal Aviation Authority (FAA) to have the relevant regulations which would govern the right use of 'UAVs or Drones' in a lawful manner that will bring protection to the people and its nation.

Read more…

Over the last couple of years, the Internet of Things grew into a huge gate between the reality and the digital world, and CES 2018 was the event that nailed it. IoT dominated the event with a vengeance, and it could be roughly divided into two major areas: smart home (with a nod to smart city) and industrial Internet of Things (with a nod to the much-hyped Industry 4.0).

The event showed the inevitable changes in the industrial sector that are likely to reward early adopters with shares on the market. Meanwhile those who avoid innovation get left behind in the long run. Such companies as Bosch reinvent the way manufacturers run their facilities, with a focus on increased performance and care for safety of human workers.

Smart home was represented not only by a huge variety of standalone products, but also by closed ecosystems created by such consumer tech giants as LG.

Automotive industry always has been leading in innovation with self-driving and connected cars being part of the IoT market. This year all major car manufacturers hosted a kind of car show inside CES, introducing new automotive IoT products.

Besides these spheres, there were two more major followers of IoT trends: healthcare and retail. Both aim for automation of operations, provision of personalized experience to customers, and overall transformation of the ways they operate.

Read more…


The Internet of Things plays an important role in today’s life, affecting a plenty of businesses and changing the way we work, live, and entertain. Coming up with workflow automation, remote equipment monitoring, inventory tracking, and real-time data collection, IoT promises to bring innovation in various industries.

Understanding high IoT potential, companies and corporations invest in IoT projects, startups, and initiatives. According to New IDC Spending Guide, the worldwide IoT spending is predicted to reach nearly $1.4 trillion in 2021. What’s more, Gartner research expects the number of IoT-enabled devices will be about 21 billion by 2020.

Though IoT provides many advantages and opportunities, there remain IoT security risks and challenges, that now are of the highest concern. Since today almost everything can be hacked, businesses have to look for and integrate new security mechanisms allowing to ensure data and device protection.


The main IoT security risks


1. Data Leaks

Smart devices collect and transmit various data that may involve such important information as credit card numbers, zip codes, customer locations, camera images, IP addresses, and much more. A leakage of private/personal/business/financial data can lead a company to money and reputation losses, and harm people’s lives.

2. User verification

Misconfiguration and default passwords use are common reasons for the appearance of device/data vulnerabilities. That’s why engineers should implement the ability for customers to create their own passwords while establishing the highest level of password reliability that all users have to follow.

3. Lack of regulations

Unfortunately, there are often no regulations for IoT devices. The creation of a standards-based approach to security should be a top-priority task for companies, organizations, and even governments.

4. Unknown surveillance

Often unprotected IoT devices can be accessed by any remote user or at least can be easily hacked. The consequences can be poor: for instance, streaming and selling private videos and images (including those from stores, shopping centers, etc.).


IoT security recommendations


1. Focus on data traffic monitoring. Imagine a cloud IoT solution, that monitors both inbound and outbound traffic, traces all suspicious activities, blocks unsafe communications, instantly alerts users and the central system about potential problems, and prevents data leaks.

2. Implement end-to-end encryption in your application, the most reliable way to protect user data. Famous mobile messengers WhatsApp and Viber added the support of e2e encryption long ago. If your project implies many data/user communications, you can use this approach too.

3. Use reliable tools that help ensure data confidentiality and privacy as well as build a secure and scalable data storage. Integrate a feature of suspicious activity and malicious code monitoring. For example, today we can see an increasing use of AI technology for real-time security monitoring.

4. Focus on testing activities. When developing an IoT solution, pay a lot of attention to the testing/QA process. It’s much better to prevent any security issues at the pre-release stage than waste time for bug fixing after.

5. Integrate a Blockchain decentralized approach. Since Blockchain is based on cryptographic algorithms, it helps protect and manage data. Blockchain has all transactions (interactions) recorded, so the history of smart devices will be also recorded. At the moment, the use of Blockchain for securing the Internet of Things is one of the emerging and most promising trends.


As you see, there are really good ways to minimize IoT security vulnerabilities. Here I should note that one of the best recommendations for developing a successful IoT project is to apply to a reliable IT company that would focus on security and data privacy issues. Also, when choosing the company, pay attention whether it meets the GDPR requirements, which will be especially important from the regulation enforcement on May 25, 2018.


Read more…

The Invisible Threat to Your Health - IOT

Consider the normal hospital or home care scenario today. A patient—your patient—is receiving different therapy intravenously. That IV fluid is being administered using a pump known as an infusion pump.

Today those infusion pumps are connected to a network of devices on a hospital’s internet network.

Now consider the ramifications of an outsider hacking into the network and controlling all of the devices on that network, as well as being able to access all of the medical records on the network and to create a serious danger to the hospital and all of the connected patients. It’s a threat that is invisible and one that you don’t really think about but the potential is there.

It’s a scenario that is more than plausible, it’s actually taken place. There have been insulin pumps hacked multiple times.  Johnson & Johnson became the first company to warn their users about the potential for hacks in their insulin pumps.

Billy Rios wrote about it for Bloomberg and even the FDA has taken notice, very recently stating that they knew that there were problems with medical devices and that sufficient security in those devices was probably not in place. They said that the current regulations and the current controls were not enough.

Recently the FDA released a set of guidelines that were designed to assist in this conundrum. They are encouraging all medical device manufacturers to make their cyber-security stronger and to ensure that clients and patients could not be damaged by hacks to products.

This was in response to Executive Order 13636 and Presidential Policy Directive 21,but it was also a response to the many cyber-security experts who have written directives and voiced their concerns about the problems inherent in connected medical devices.

There are dozens of problems with IoT medical devices and their ability to be hacked, but it isn’t just medical devices that are used directly for patient treatment. Other problems have been found in devices such as x-ray machines and MRI machines that allow them to be breached and require a fix in order to ensure patient safety.

Despite actual white hat hacks and security concerns voiced by experts, many legal experts say that the harm caused or the potential to harm is pure speculation. Reed Smith partner Steven Bornian believes that no medical device will ever be completely secure and that no IoT or medical device risk may be completely eradicated. That means legislating the security for them simple is not feasible, but still that seems to be the way that governments are heading.

The FDA has, for now, focused their approach to this problem on encouraging companies to offer workarounds for the user and temporary fixes if there is a breach. They believe this may be better than trying to regulate or legislate companies to prevent the breaches entirely, which many experts say may be impossible.

That isn’t going to be a long lasting solution because even as we discuss it, things are changing. Countries are seeking the right legislation for use in protecting the data and the patients who use medical devices. Having an on-board cybersecurity specialist is going to be imperative for any company offering connected devices in the near future. Is your company ready?

Read more…

Here's Wishing you a Very Happy, Smart, and Innovative New Year! 

Internet of Things (IoT) has been revolutionizing the world with its millions of innovations. In 2017 IoT reached its milestone by creating several break-throughs with significant technological advancements. All of these technologies, products, and solutions saw the limelight at the world's largest and the most powerful technology event, Consumer Electronics Show (CES) 2018 at Las Vegas, a Catalyst for Innovations.  

The vision of the Internet of Things (IoT) is to transform the way individual lives, work and communicates with one another. These innovations are meant to simplify by offering products and solutions that are simple, affordable, easy to use, efficient and productive for building a Smart, Safe and Connected world. 

With these above IoT goals in mind, I am personally impressed to highlight some of these mind-boggling innovative products and solutions that was unveiled last week at the CES 2018. 

1. Forever Batteries: The battery maker Ossia launched its AA-sized batteries that suck power out of the air using its IP technology called Cota. Ossia has developed a means of wireless power transmission which Ossia claims can keep the AA battery charged up or provide power to a smartphone that either incorporates Cota's technology natively or uses specific charging case. However, Ossia hasn't revealed much about the working of their Cota technology. This irreplaceable battery will eliminate the spending expenditure 'Forever'. 

2. Byton's $45,000 Gadgeted Electric Smart Car: Chinese Start-up unveiled its first and futuristic real smart electric car. The name refers to 'Bytes on Wheels.' Former BMW and Apple Engineers created it. It has the hardware on board to enable full self-driving mode. The vision behind Byton is to be the company to bring to the market the first real 'Smart' car. Inside the car, the drivers and passengers can interact with the huge display panel. Byton aims to merge an individual's life outside the car with the experience inside the vehicle. Everything will be controlled via the touch, and certain aspects will be controlled via voice (voice recognition by Amazon's Alexa) and gesture control. The key is customisation. When the car is in drive mode, specific features will be disabled. It will not allow watching videos for instance. Byton aims to build a platform where, when there is autonomous driving all occupants of the car including the driver can interact. Some of the features of Byton will be fully-disabled until we live in a world of fully autonomous driving. Fierce competition to Tesla and from my perspective it is redefining life. But the one challenge that might stump Byton is the lack of fast-charging stations. Another major competitor to watch for will be Fisker's EMotion a luxury smart autonomous sports sedan. Although Fisker is not a competition concerning the price factor; however, is a competitor to watch for its technology and new solid-state battery which they filed for a patent. The battery is expected to provide the Electric Vehicles with a range of over 500 miles on a single charge and will take only one minute for recharging. 

3. Razer's SmartPhone Laptop - Project Linda: Razer brings you a disruption in the world of gaming with its Project Linda which is a concept of ultraportable laptop design powered by the Android-based Razer Phone. The docked phone serves as an intelligent touchpad, bridging the gap between handheld entertainment and laptop convenience. The Razer Phone's display, performance, and dual front-firing speakers combine seamlessly with Linda's keyboard, larger screen, and battery to provide ultimate mobile hybrid setup for creativity, gaming, and productivity. Although the Project Linda feels like a product from a Sci-fi world or a future that might not see the daylights after the CES 2018. However, the prototypes like a concept car for gadgets is both sensational and aspirational. Razer hasn't confirmed if it plans to make the smartphone project Linda for a go-to-market next year. 

4. Google Voice Assistant: Google creates a whirlwind at the CES 2018 with its Voice Assistants and predicts to dominate the future homes. Lilian Rincon, Google director of product management, reckons customers making their home “smart” by using the Assistant to turn on lights, boil the kettle and do other tasks could save 15 minutes from their morning routine. Google's Voice Assistant is eroding the well established Amazon's Alexa, a fierce competitor for its voice assistant. Google has already discussed partnerships with various Industry verticals for integrating their Voice Assistant in realizing the goal of "Smart and Connected World." In my opinion, I see this as the most significant breakthrough as Google is not charging the end-user but is working with all its third-party vendors to integrate the voice assistant into their products and solutions. Google showed off a plethora of new Voice Assistant-enabled devices from companies like Lenovo, Sony and LG, featuring “smart displays” that displays information like the schedules, things-to-do, cooking recipes, and other bits of visual accoutrement whenever we ask the Assistant for something. Also, you'll find Assistant integration inside more televisions, headphones — even in new cars, thanks to Android Auto, which is already available in more than 400 car models. The Assistant integration eliminates the need for having an independent device and allows you to manage everything from your one device - 'The SmartPhone.'

5. Smart Hearing-Aids EARGO Max: Technology for healthcare and especially the elderly is something I am very much interested though tech for elderly-care is still a growing area. The ageing population is a growing business opportunity, and EARGO Max might be the airpods of hearing aids. The hearing-aids have a collection of useful features, the most stand-out of which is a complete lack of need for expensive replaceable batteries. The set of hearing aids includes Dynamic Noise Reduction, with Eargo tech which allows the devices to vary noise reduction based on environment. When the environment gets louder, noise reduction ramps up. These devices also change based on user preference. The "Flexi Fibers" hold the hearing aids in place, while the domes “increase the amount of ambient bass sounds and eliminate feedback. I understand very well how useful and life-changing these features are since my mother suffers from major hearing loss and will benefit her tremendously. However, the one road-block I see is the cost factor. Currently, Eargo Max is priced at $2,500 which I believe is quite too high and defeats the purpose of providing cost-effective and affordable products. Hoping to see the Industry ramping up to address this gap. 

To summarize, CES 2018 was a curtain raiser for millions of products, solutions, and technologies which created hope for a future that is beyond imagination. In my opinion, there is still a long way for the Industry stakeholders to meet the primary objectives of IoT which will redefine this entire universe. The one vertical which has gone mainstream is the Autonomous Vehicles or the Self-driving cars. The major tech giants such as Cisco, Nvidia, Intel, Amazon, Google, Tesla, Apple, GM, Toyota, and many others made announcements focusing their investments in this sector.


Read more…

Securing our Future Energy - with IOT

 Is our Oil Production Too Reliant on Big Data? Are “Digital Oil Fields” Vulnerable in a Big Way?

The ‘digital oil field” is growing dramatically. In 2011 the market was about 18.7 billion. By 2014 it had grown to 24.6 billion dollars and at this rate of growth it is projected to be at 33 billion by 2022.

There are myriad benefits to the digital oil fields. Speed, efficiency and lower cost are but a few. Today, control rooms, devices used to manage the production plants, refineries, pipelines and even oil producing substations as well as the wells themselves are digital. They are using high speed data links, video technology and even digitally managed drilling rigs to bring us the energy that we need.

Still further upstream, we’re seeing drilling resources, computer assisted well fracturing and preventive maintenance seen on the wells. Each of these areas has the capacity to be hacked or breached in some way and untold damage done to our energy supply as well as many other things.

According to the Journal of Petroleum Technology, the offshore oil fields can create more than ¾ of a terabyte of data every single day. Oil fields and reserves are becoming much more rare. Companies are literally scrambling in order to keep ahead of their competition.

IHS CERA says that digital oilfield implementation means that companies may achieve more than 25 percent savings in the cost of operation using digital technology and they may see about 8-10 percent higher production. As oil fields become much rarer, the production boost will make the difference between having enough energy and an energy shortage.

The National Grid and the utilities that we depend on every day are dependent on computers. It’s a given that anything that is reliant upon computers can be vulnerable to very significant threats from hackers and other nefarious creatures.

The oil and gas companies around the world are increasingly dependent on computers and that means they are a big target. The oil and gas fields today are so reliant that it’s become a source of great concern for regulatory bodies as well as those who rely heavily on the production.

Multiple attacks against oil and gas have already taken place.In July of 2014, A Russian hacker group targeted energy companies with Energetic Bear Virus. Physical systems were disabled and energy consumption monitoring took place.

Other attacks include DDoS attacks and even ransomware. ABI Research did a study that predicted that by 2018, just a year from now that attacks against the oil and gas sector will drive nearly 2 billion dollars in security spending.

What other kinds of attacks could take place using the oil and gas sector? How can we halt this and what will it take to prevent problems from taking place. It is imperative that gas and oil develop the capacity to protect against cyber attacks and to prevent major risks?

Do you believe legislating cybersecurity -forcing companies to secure their devices is the right answer or or is there a better way to accomplish that?


Read more…

The Human touch of IoT´s CEOs

A few days before Christmas holidays, I received an email from a customer that said “... I want to tell you that I have really appreciated your help, your professional approach and your “human touch”: they are as important as knowledge is …”.

Moved by the Christmas spirit that surround us these days, made me change my priorities of publishing the next articles and I decided to dedicate a few lines to what I consider a very important issue: What is the human touch value of the CEOs in the IoT?

I do not intend to convert this article into an analysis of the types of CEOs, or a list of the best CEOs of IoT companies (for that there will be time). 

My objective today is in making IoT´s CEOs aware, especially those of large multinationals, of their responsibility to print a human touch on their actions and decisions. Not only will the stability and quality of work of millions of people depend on them, but also the conservation of our planet in favourable conditions for future generations.

The Human touch of IoT´s CEOs to save the World

Global Warming is very real.  Even if greenhouse gas concentrations stabilized today, the planet would continue to warm by about 0.6°C over the next century because of greenhouses gases already in the atmosphere. Its effects are already so visible that no one doubts its catastrophic consequences.

We know that the IoT can help in many ways to monitor and control Global Warning, and there are many great stories of how companies are making use of IoT technology to help save water, money … and the planet. 

In  the article “3 ways businesses can use the internet of things to save the environment“, Jayraj Nair - Global Head of IoT, Vice President Wipro-, suggest  a few steps that business leaders could take to lessen the effects of these barriers and set their companies on the right path to become champions of a more sustainable and connected future.

1.       Emphasize digital citizenship and individual responsibility

2.       Share knowledge and resources across departments

3.       Collaborate to create guidelines for tech development

We should reward those IoT´s CEOs who follow the slogan “ We develop the IoT that Save the World!..

The Human touch of IoT´s CEOs to build ethic AI

When I wrote  “Internet of Things – Kings and Servants” I gave great importance to the CEOs visionaries of the companies that were destined to change the world of the 21st century. CEOs like Sundar Pichai (Google) or Satya Nadella (Microsoft) have been responsible from conceptual shift for their companies, moving from “mobile strategy” to “cloud and artificial intelligence”.

Could we avoid psychopath and sociopath robots? CEOs of the Tech Giants companies need to influence in developers of AI the human touch. We do not want to live with fear surrounding by not ethic AI machines and robots. 

IoT´s CEOs involved in Artificial Intelligence must believe that machines and robots will help us to be better people. They need to boost the challenge in our future society and make sure that their Robots and Artificial Intelligence not only pursue productivity and profit but also other values eg justice, opportunity, freedom, compassion.

The Human touch of IoT´s CEOs to ensure democracy

We cannot conceive democracy today without the free use of technology. Technology, on the other hand, that is more difficult to control by citizens. Is it possible to democratize the technology, not only the Internet of Things? Could we avoid that a handful of companies come to dominate the Technology? and therefore our Democracies.

The temptation of the power is great in the IoT´s CEOs of the companies that manipulate huge amount of data of the people, of the intelligent devices at their whim.

I thought at some point that the Countries could prevent the creation of these monsters, but their powers already transcend the States. I fear that the fight of egos, in the heights in which these CEOs live, give priority to the Highlander philosophy "Only one can be left!" And drag the dormant democracies for their technology into the vacuum of complacency.

Today more than ever, we need CEOs with a human touch that ensures the health of our democracies.

The Human touch of IoT´s CEOs to ensure equality of job opportunities

Which IoT companies have a culture that allow dissent between the CEOs and the employees? IoT´s CEOs need to understand that people are not going to do what they want them to do unless I engender equal commitment and passion on their part.

I have worked for many years in different technology companies, and I have regrettably proved that their business cultures, far from differentiating themselves, are more and more similar.

We all know cases of companies, including those of IoT, that abuse salaries of interns or inexperienced employees, but the problem of overqualification when applying to a new job is no less true. Many of us have heard numerous times: Sorry, you are overqualified. Not sure I can manage you.

I am convinced that a human touch on the part of the CEOs would help to correct these endemic problems of the current business culture. What are you waiting for?

The Human touch of CEOs to ensure a dignified life for the elderly

I was wondering a few years ago with the Smart Cities hype, How will be our life as retired workers in the Smart Cities we are building?.

In light of what I'm seeing, there are currently not many IoT´s CEOs that are worrying about the elderly. Of course, because, they consume less, they produce less, they do not understand the technology created for millennials or the digital native, the generations that is going to change the world.

Considering that all IoT´s CEOs, or at least that's what I want, will also be older people, a human touch in the investment of technology for the elderly will now make their lives more dignified in a few years.


In a time where digital premium on the physical, where business results are required not every quarter, but every day, in a time of robots, cryptocurrencies, virtual reality it is not easy to be a CEO with human touch. But to save the World, to make sure we build ethical AI, to ensure democracy in the technology, to ensure equality of job opportunities, to ensure a dignified life for the elderly, we need their human touch.


Thanks for your Likes, Comments and Shares

Read more…

It’s no secret that data breaches are on the rise. In fact, there have been more data breaches than ever before. Medical data breaches are proven to cost more than any other type of breach, costing about 400 dollars per record.

Data breaches are rising dramatically putting them on the agenda for most C-suite and corporate boards. Customer information is being lost, trade secrets are being sold and confidential assets being breached can significantly lower customer loyalty and trust as well as definitely lower the reputation of those companies which were breached. They can also give the competition a significant advantage.

These aren’t the only things that companies have at stake. The many different types of cyber-security risks make cyber-security a vastly complicated problem. In fact attempting to protect the many different frameworks and CMS and private networks is fraught with other complications to layer on top of the complexities.

Today, governments are seeking ways to stem the tide of breaches and break-ins by creating new legislation that provides for specific levels of security and best practices for companies.

This tidal wave of governments and new cybersecurity regs and recommendations make additional problems in and of themselves. The United States government alone has proposed more than 200 bills (actually 240 at last count.) This includes legislative proposals for ways to deal with cyber-security. This number of mandates and proposals have taken place in just the past three years alone and the number continues to rise.

The proposals fall into a wide range of categories. In some cases the proposals are that companies implement direct requirements for protection. One example of this is that companies in the critical infrastructure arena are going to be facing requirements for security in the US and in the UK and EU as well. They will have specific requirements for risk assessment, control and for personnel training. The question is how can a country legislate a level of security when that level cannot be guaranteed by any company. There are even “trade secret” protection laws in the works that require companies to take “reasonable steps” in order to keep information about the programs and devices safe from cyber threats—though what those steps are is another unknown.

In addition to legislating the devices and services that are being legislated, share holders are becoming more demanding that companies safeguard medical and technical information. That means that securities laws as they relate to new IoT devices and services are also being legislated. In the United States, some measure of shareholder litigation as well as SEC proposals and enforcement are already launched and seeing some effect.

With all of the changes and the advances in technology, it’s no surprise that legislation will follow. Is your company ready for the changes that are being made in IoT and internet services?

According to Brink News, “The rising tide of cybersecurity regulation and recommendations complicates the landscape for companies.”

The National Institute of Standards or NIST, offers one of the most comprehensive tools for managing the risks involved in information security. Even the federal government agencies of the US are embracing it wholeheartedly. In a survey undertaken by Dell, more than 80 percent of professionals in the security arena are using the NIST framework for improving their own security, which makes it a great place to start for companies which are trying to come into line and ensure their compliance to the expected new regulations.

According to the experts, the NIST method and framework may well be the guideline that the courts and legislators will use to determine whether companies in the IoT and IT business are doing their best to secure devices and provide for data security.

There are other standards that are entering into play such as the ISO 27001 which is being used by many companies. The standard is different structurally than the NIST Framework though NIST makes reference to the ISO requirements in their own framework.

What is your company doing to secure their data and IoT devices? How are you set up to come into line with the regulations and legislation that is sure to be just around the corner?

Every company should be taking steps now to implement some type of protection to meet the ever changing threats as well as the ever changing cyber-security regulations.

Read more…
Email me when there are new items in this category –