Subscribe to our Newsletter | To Post On IoT Central, Click here


Security (128)

We often don’t compare technology to fable stories, but when it comes to the internet of things (IoT), the story of Pandora’s Box comes to mind. It’s a technology that has great potential, but where the weakness and possibilities lie are in it’s lack of basic security measures. We might even go as far as to say, what security? These are the concerns we’re thinking about at IT Security Central.

As a completely remote company, we’re taking measures to understand how the internet of things can impact our company data security. Hackers look to exploit technology vulnerabilities to access valuable information. Hacking an IoT connected fish tank, smart fridge - these aren’t far-fetched stories. These are stories that are happening now. 

The lack of secured IoT devices starts in the development phase. These devices are developed on a basic linux operating system with default codes that buyers rarely change. When these devices are developed, security isn’t on the agenda; rather, developers are looking at human behaviors and outside threats. When they should be looking inwards.

An unsecured IoT device is the weak link in the connection. As one of the fundamental purposes of the technology is to provide connection and accessibility, this one weak link can bring down the entire network. And if your remote worker’s BYOD devices are in someway connected to that network, your company just became vulnerable.

Remote workers or ‘the gig economy’ is expected to increase in frequency. According to the Global Mobile Workforce Forecast Update, employees working remotely is suppose to increase to 42.5% of the working population by 2022. At that time, the world is projected to see half of its population working outside the office either full-time, or part-time. 

Security vulnerabilities, remote workers and IoT - where is the connection? The scary thing, remote workers are likely to already have IoT devices in their work environment, and most likely, they are not protected. These devices can mostly be smart home devices that workers have acquired to make their daily lives easier. Common devices include Amazon Echo, Neo and GeniCan.

The first step in active prevention is to make your employees aware of the importance of data security and then aid them with the tools for success.

Best Practices for Protecting Your Network (from Remote Workers)

With the wealth of internet-based security technologies, the idea of protecting your network with in-house servers and the traditional firewall is (well) old school. With cloud-based companies, you can now access and protect data in easy step-by-step processes, and the best news, most of these companies do the data management for you.

One of the most progressive approaches to remote worker security would be to adopt a monitoring service to collect data and actively look for anomalies in the network. Through data collection and analysis, a monitoring software creates a user profile of normal, everyday behavior. The administrator can set ‘alerts’ for when certain data repositories and files are accessed, or when sensitive data is moved. The longer a data breach goes undetected, the larger financial implication for the company. Requiring remote workers to download and use a remote monitoring software is one of the highest levels of protect against data loss.

But if monitoring isn’t on your agenda, these are a few basic tactics that employers can encourage remote workers to undertake.

Permissions Management

Though the workers are remote, administration can set limits to data access. This process starts by undergoing a through analysis and understanding of each position. It’s important to understand who needs access to what information, and who doesn’t need access to information. Once this is understood, administrators can restrict information, and they can also set ‘alerts’ when information is accessed without prior approval.

Home Network Policy

Once employees leave the brick & mortar walls, the manager has little access where and on what internet network they’re accessing information. But don’t fret, this freedom and flexibility is part of what make remote work appealing. Where privacy might be a factor, we don’t suggest to go as far as asking remote workers to eliminate IoT devices on their network. Rather, we encourage to create a policy that specifically states the security requirements that the IoT must have in order for the work network to be accessed. By educating your employees, you can save them and data loss heartbreak.

Encryption

Encryption, encryption, encryption. You’ve heard the importance of encryption. For remote workers, the company can never be too safe, so they should go the extra mile and set remote workers up on an encrypted network. A VPN ensures all connections and communications are encrypted when the network is accessed. Don’t worry about IoT connectivity in their home, or when remote employees connect to an unsecured public wi-fi connection. A VPN provides the next level of security through encryption, and a hacker won’t be able to access communication or data without alerting administrators to a potential breach. 

IoT devices are already integrating into our at-home lives, and when remote workers access their at-home networks, suddenly the topics collide. As more workers go remote, it’s important to look inwards towards security to see how everyday IoT devices impact company data. Take the time to ensure that remote workers are protecting the network effectively.

Guest post by Isaac Kohen. Isaac Kohen is the founder and CEO of Teramind (https://www.teramind.co/), an employee monitoring and insider threat prevention platform that detects, records, and prevents, malicious user behavior in addition to helping teams to drive productivity and efficiency. Isaac can be reached at [email protected]. Connect with Isaac on social media: LinkedIn, IT Security Central and Twitter @TeramindCo.

 

 

Read more…

Quantifying IoT Insecurity Costs

Ever wonder what is the real cost of IOT insecurity?

Well reseachers at the University of California, Berkeley, School of Information recently published a report that attempts to lay out the costs to consumers in the context of DDoS attacks. The report focuses on exploiting vulnerable devices for their computing power and ability to use their network’s bandwidth for cyberattacks—specifically DDoS attacks on Internet domains and servers.

Researchers infected several consumer IoT devices with the Mirai malware and measured how the devices used electricity and bandwidth resources in non-infected and infected state. Their hypothesis: compromised IoT devices participating in a DDoS attack will use more resources (energy and bandwidth) and degrade the performance of a user’s network more than uninfected devices in normal daily operation.

Based on energy and bandwidth consumption they developed calculator to estimate the costs incurred by consumers when their devices are used in DDoS attacks. Two recent and well publicized attacks, and one hypothetical, were calculated:

  • Krebs On Security Attack: According to their cost calculator, the total electricity and bandwidth consumption costs borne by consumers in this attack was $323,973.75.

  • Dyn, Inc. Attack: They calculate the total cost borne by consumers as $115,307.91.

  • "Worst-Case" Attack: This hypothetical “Worst-Case” scenario approximates the costs that could result if the Mirai botnet operated at its peak power using a UDP DDoS attack. The projected cost to consumers of this attack is $68,146,558.13.

Commenting on the study, Bob Noel, Director of Strategic Relationships and Marketing for Plixer said, “Organizations with enslaved IoT devices on their network do not experience a high enough direct cost ($13.50 per device) to force them to worry about this problem. Where awareness and concern may gain traction is through class action lawsuits filed by DDoS victims. DDoS victims can suffer financial losses running into the millions of dollars, and legal action taken against corporations that took part in the distributed attack could be mechanism to recuperate losses. Companies can reduce their risk of participating in DDoS attacks in a number of ways. They must stop deploying IoT as trusted devices, with unfettered access. IoT devices are purposed-built with a very narrow set of communication patterns. Organizations should take advantage of this and operate under a least privilege approach. Network traffic analytics should be used to baseline normal IoT device behavior and alarm on a single packet of data that deviates. In this manner it is easy to identify when an IoT device is participating as a botnet zombie, and organizations can remediate the problem and eliminate their risk of being sued.”

Or as we've argued before, regulation is key. And now that we have an economic cost on IoT insecurity, we have better information for regulators to pursue strategies and legislation for enforcing workable security standards to reduce the negative impacts of IoT devices on society.

 

 

 

Read more…

The IoT is already shaping modern society in various ways. While many of these are positive aspects that result in streamlined communications, easier access to information and a greater quality of life, there are some major roadblocks in the push toward widespread IoT implementation.

One of the primary concerns revolves around the security of IoT-connected devices. A demonstration by Avast at the Mobile World Congress (MWC) in Barcelona recently uncovered a flaw in current-gen IoT infrastructure. Not only can they potentially gain control over tens of thousands of different devices, but they can also use the assembled processing power to mine $1,000 of cryptocurrency in a matter of days.

Identifying the Easiest Targets

Although Avast's demonstration didn't involve a full-scale replication, it underscores serious security flaws in the nature of current-gen IoT devices. If a widespread attack did occur, hackers would likely focus on the weakest targets.

Unsecured home networks are ideal for this sort of hack. As the average homeowner continues adding new smart-devices to the home, the hacker's job becomes even easier.

The task of hacking into thousands of unsecured home networks and taking over 15,000 or more devices might be insurmountable for a lone hacker, but a team of experts could readily pull it off and begin mining cryptocurrency without the owners' knowledge.

Some hackers might target small businesses or even larger corporations. As these networks easily contain the necessary number of IoT-connected devices, an individual could quickly gain control over thousands of different systems.

Mining, in this context, is a process of verifying transactions across a cryptocurrency-backed network. Cryptocurrency miners use various tools — including hardware and software utilities — to solve sophisticated mathematical algorithms and, as a result, generate digital monies that are tradable for real-world goods or cash.

Since coins are often used for nefarious or downright illegal activities, hackers try to use the accounts of unsuspecting victims whenever possible to maintain anonymity and cover their tracks.

Many popular coins, like Bitcoin, require advanced hardware that’s available in current-gen smart-devices. But other cryptocurrencies, like Monero, are made to harness the power of many individual machines simultaneously.

Similar Incidents in the News

A flaw like this isn't the first time that IoT-connected devices have been proven vulnerable to hacking. As reported by IBM X Force, a revised version of the Mirai botnet is programmed to take over a device and mine cryptocurrency via Linux.

Mirai is disheartening to security experts. It was the botnet responsible for a 2016 DDoS attack that caused massive service outages on sites like Netflix, Reddit, GitHub, Twitter and more.

According to a statement released by IBM X Force, the botnet gains entry into a system via the BusyBox program on Linux-based machines. Considering that Linux runs some of the largest and most popular websites, operating systems and software packages, the potential for exploitation is very serious.

Fighting Back

Fortunately, you can take some steps to secure your network from outside threats — including the latest botnet hacks. Always make sure your devices are on a secure network and protected behind a strong password.

Update your hardware with the latest updates as soon as they're available from the manufacturer, and use software protection — like antivirus and anti-malware utilities — on smartphones, tablets, laptops and desktop computers.

To make the job even harder for would-be hackers, avoid connecting to public Wi-Fi whenever possible. Never keep your personal devices on the same network as your primary desktop or laptop, as this makes it easier for cyber-criminals to jump from one system to another.

Finally, make sure to change the default login credentials on any new device you add to the network. Many come with generic information that is easily exploited.

How the MWC Is Protecting Our Networks

The Mobile World Congress — dubbed the "world's largest gathering for the mobile industry" — is organized by the GSM Association. Sometimes known as the Global System for Mobile Communications or simply "the GSMA," the organization began hosting events in 1987. It remains the largest conference in the mobile industry, and it continues to highlight new security flaws and solutions — including problems with IoT connectivity — to this day.

Stay up to date with the trends of these devices and activity surrounding them, and you’ll have a better shot at fighting back against hackers.

Read more…

IoT Cyber-Security Puzzle

Image courtesy: Pixabay

I recently attended one of a significant [email protected] Internet of Things event which featured keynotes, speeches and presentations from CTOs/SVPs-Tech/VPs of major IT firms. Attending these presentations sometimes give you a feeling of being in literature or a rhetoric club where instead of hearing context oriented speeches you get to listen to a bunch of fairy tales with almost every sentence including overused adjectives like “trust”, “motivation”, “responsibility” and so on.  An SVP of a major IT player was asked about the measure (technical) her company takes to ensure data integrity and prevent cyber-attacks. Interestingly, her answer to this was the statement that “they maintain a culture of trust in and around the company”. To me, it is like standing in front of a hungry lion and telling him that you believe in non-violence. Today in the age of internet and IoT, we have to deal with thousands of cyber criminals (hungry lions) who are waiting to penetrate the system and make most out of it. To keep them out you need a lot more than just “trust”.  

On the same event, I had an opportunity to talk to many cybersecurity experts and companies, and I confronted them with a question of mentioning at least one relevant cybersecurity norm/standard/certificate pertinent for each major component in an IoT stack. Unfortunately, most of these discussions turned into some sales pitch. The question one can raise at this point is that is it so challenging to mention at least one “state of the art” cybersecurity measure for every IoT component? Or just that the topic is underestimated? 

This blog is just an attempt to name a relevant security standard/certificate or measure for every major element in IoT stack (see below) without going deep into the details of each and very standard/norm or certification. 

For this sake, we will assume a simple IoT stack as illustrated below :

 

Fig.1: IoT stack of a simple use case

In this use case, an industry sensor collects the physical parameters (temperature, pressure, humidity etc.) and transmit the values via Bluetooth/Wifi/wired connection to the gateway or edge device. The gateway device, depending on the type (simple or edge) perform a certain minimal calculation on the received data and push it into the cloud via a Wifi/4G connection. The cloud collects the data and uses this data to feed desired micro-services like analytics, anomaly detection etc. Cloud also offers an interface to the existing enterprise and resource planning (ERP) system to synchronize the running process with the current one as well to provide product /service related information over the IoT platform to the end user. What the user sees on his screen is then the dashboard of IoT use case which is a graphical representation of the micro-services running in the background. 

As we can see, there are four to five main stages and at least three interfaces (sensor-gateway, gateway-cloud, cloud-user) in a typical IoT use case. These stages and interfaces are on the target of cybercriminals who try to hack into the system with the intention of either manipulating or hi-jacking the system. Safeguarding just the components is not adequate. The underlying IoT communication layer (Bluetooth/Wifi/4G etc.) need to be secured as well.  Also, organisations running or involved in such IoT use cases must ensure safety and integrity of the process, technical as well as user data through a certain information security management system (ISMS) in place. 

To sum up, we need security measures at a component, communication-interface and organisational levels. Now if I have to write state of the art or “best in class” security measure (excluding cryptography) next to each stage, communication type and interfaces in the diagram above, then the resulting picture might look like the one below. 

 

Fig.2: IoT stack with relevant cyber-security measure

 

What, in your opinion, could be included/excluded or replaced in this diagram? Feel free to share your opinion.

 

Read more…

 

The Internet of Things — or IoT — is taking the IT sector by storm. Although it only boasted two billion systems in 2006, it's set to reach 200 billion connected devices by 2020 — and even more beyond that.

As companies and consumers all continue to explore the benefits of the IoT, one thing has become clear: the IoT needs proper encryption.

Given the sheer amount of online and network-oriented threats today — including everything from traditional viruses to advanced malware and malicious computer coding — data encryption is necessary to ensure the long-term success of the IoT.

Establishing these protocols while the IoT is still in its infancy will provide additional integrity to IoT-fueled projects and generate increased interest in the platform as a whole.

Overcoming the Roadblocks to Success

Modern society is well on its way to embracing the IoT for everything from industrial automation to in-home convenience, but there are two significant roadblocks to the platform's success.

1. Power Consumption

Today's IoT networks, which contain servers, access points and peripheral devices, consume enormous amounts of power altogether, but some tools require more power than others. 

While traditional network-level encryption tools are optimized for larger systems and infrastructure, they don't always scale down to smaller formats in an efficient or viable manner.

Developing a chip with higher energy efficiency and the ability to scale down minimizes the strain on current and local power grids and makes it easier to secure individual devices via existing encryption methods. 

2. Data Security

Consumers have received an enormous dose of reality in the 21st century. Those who haven't fallen victim to a cyber attack or hack probably know someone who has. The number of data breaches involving consumer information is troubling.

There are even rumors of foreign entities interfering with U.S. elections, including the 2016 election of President Donald Trump. Data security is in the spotlight now more than ever before, and it's a tremendous obstacle for the IoT to overcome.

However, a new chip manufactured by the team at MIT solves both of these problems. Not only does it focus specifically on public-key encryption — a straightforward and user-friendly method of modern encryption — but it also consumes 1/400 of the power of comparable chips.

It also uses 90% less memory than current chips, which lets researchers execute commands and complete processes up to 500 times faster.

Encrypting Consumer Data via Mathematics

The newest chip utilizes elliptic-curve encryption. It's a highly sophisticated, dominant form of data security often used in HTTPS connections. MIT's latest advancement efficiently breaks this system down for use on the individual devices that comprise the IoT.

As noted by the team at MIT, "cryptographers are coming up with curves with different properties."

The new chip is flexible enough to support all the known curves in use today, giving it maximum compatibility with different organizational and governmental standards. The team hopes to implement additional support for any future curves, as well.

Making Advancements in Artificial Intelligence

The team at MIT is also making headlines in the area of artificial intelligence (AI). Between self-driving cars and increased automation both in the factory and the home, AI is a hotbed of debate. Whether consumers are in favor of automation or against the idea altogether, one thing is for sure: AI-driven robots must operate by an acceptable set of ethical standards.

Just like encryption, it's a subject that invites multiple interpretation and solutions.

To spur development into the future of AI ethics and programming, MIT recently took a poll of the online public. By seeking the input of the average consumer, the school hopes to play an essential role in how next-gen robotics make decisions, prioritize tasks and interact with their human counterparts on a daily basis.

How MIT Is Safeguarding Our Future

Between the increased need for data security and sophisticated AI, IT experts have their work cut out for them.

The work of individuals and groups like the team at MIT is already making headway into these areas, but society is only at the beginning of what will likely become a long-term, complicated relationship with technology.

Image by Kevin Ku

Read more…

 

 

IoT security challenges

 

IoT is a complex network of billions of Internet-connected devices that collect and transmit huge amounts of data across of a wide range of devices (sensors, robots, machinery, mobile apps, digital assistants, etc.) and integrated systems. Also, the data have to pass different administrative boundaries with different policies. Certainly, all of it creates challenges for protecting the IoT ecosystem.

First, companies and organizations have to ensure privacy and confidentiality of user data. Second, data communications should be protected at all levels. So, when building an IoT solution, take care of the “right” data delivery including the right place, time, and form. Third, make all interactions traced and monitored so that suspicious activities will be instantly detected.

There are many IoT security risks and challenges you should know and prevent when developing an IoT project. In terms of increased worry about cyber attacks and data privacy, companies have to establish new security models and integrate innovative technologies. In the IoT world, the use of Blockchain is an emerging trend promising to solve most or even all of IoT security issues.

 

What is Blockchain

 

Blockchain is a technology of the distributed ledger that maintains a continuously increasing number of transactions. Representing an immutable and inconvertible record and being based on cryptographic algorithms, Blockchain provides data security and protects data.

As Blockchain is decentralized, there is no central authority or regulatory body required for transaction approval and management. A distributed technology nature makes computer servers to come to a consensus, allowing transactions to be carried out anonymously and without intermediaries.

Blockchain is also about trust: cryptography is used to prevent technical data forge and distortion. In the chain of blocks, each block contains a hash serving as a link to the previous one. Thus, it’s impossible to substitute an intermediate block in the finished chain.

So, Blockchain provides a high-security level. While the tool is the same, it has many successful applications in a variety of business industries. Mika Lammi, Kinno’s Head of IoT Business Development, Kouvola Innovation Ltd, said: “I believe Blockchain to be one of the truly disruptive and innovative application areas in the world now, and that it will create huge waves across all imaginable business sectors”.

 

Blockchain and IoT

 

Coming up with decentralized, autonomous, and data protection capabilities, Blockchain has a great potential to secure the IoT ecosystem. In the Internet of Things, Blockchain can keep an immutable record of connected devices’ activities and automatically maintain the history of their communications.

What’s more, by integrating the technology, companies and organizations can allow trustless safe message exchanges between IoT devices. In this case, Blockchain will work like in financial transactions: data is transmitted between multiple devices and delivered to the places required. To enable peer-to-peer messaging, businesses can integrate Ethereum smart contracts serving as the agreement between two parties.

For example, let’s take Blockchain and IoT linked together to improve manufacturing operations. Here the use of Blockchain can enable smart devices to not only exchange data, but even automatically execute financial transactions. IoT devices monitor machinery and equipment health, alert managers about problems, and order repairs when required.

In the agriculture industry, farmers can place IoT devices to collect data about crops in order to ensure an efficient functioning of the irrigation system. Smart contracts describe how the solution parts (analytics system, sensors, etc.) should behave based on the conditions defined. This approach helps provide automatic water management.

 

Blockchain advantages for IoT security:

 

  1. Immutable record of all data communications
  2. Monitoring of suspicious activities
  3. Prevention of data forge and distortion
  4. Peer-to-peer messaging between IoT devices
  5. Autonomous functioning of smart devices

 

Today, Blockchain is one of the most promising trends in IoT security field. Decentralized and data protection capabilities make Blockchain a perfect part of IoT solutions. Understanding the technology prospects, many companies have already integrated Blockchain to solve IoT security challenges.

Read more…

Botty Media

The revolution of digital technology has disrupted and transformed the entire Media Industry. The evolution of print to online media has significantly impacted the individual, business, society, and nation overall. The digitization has changed the judicious "decision-making" capability of an individual which can make or break something powerful in this world. 

The advent of the Internet and transformational technologies have redefined the way we gather, receive and consume the news today. During the Pre-Internet era, it was challenging to get international or even national information without the Newspaper which slowly evolved to Radio, Television, and Social-Media. 

With time, 'Time' became the most significant challenge which a man is always battling especially in the fast-paced mechanical world. This challenge paved the way for one of the biggest business opportunity for Media Industry in the world. Mobility became the future, and with this development, the media rapidly advanced itself in the era of social-media by providing online-news via apps which led to the decline of the print-media businesses. 

However, the ever-growing influence of online social media gave birth to the 'Fake News or Yellow Journalism which refers to journalism that provides little or no legitimate or well-researched news. Instead, they present headlines story that is eye-catching and sell more newspapers. The media and all other superpowers in the Industry who wanted to manipulate adopted methods such as exaggerations of news-events, sensationalism, scandal-mongering, deliberate hoaxes or misinformation via print and broadcast news media or online social media. 

The fake news is published or written with the explicit intention of misleading to damage the reputation of an entity, agency or a person, and or to gain politically or financially, often using outright fabricated headlines to increase readership, coverage, online sharing, internet click revenues or any hidden business motivations. 

To top it all the technology has proven advantageous to players in the 'Fake News.' The 'Bots' are designed with the intelligence and robotic power to perform any automated task without human intervention. In the case of online media, they are programmed to gather and collate 'Fake News' that could make or break any business, people, society or a nation. 

Let us take the recent case of 2016 US presidential election, according to the CBS News the stories which consistently featured in Google's top news search results were widely shared on the Facebook and they were taken seriously by the readers. Mark Zuckerberg, CEO of Facebook, made a statement, "I think the idea that fake news on Facebook influenced the election in any way, I think is a pretty crazy idea." A few days later, he blogged that Facebook was looking for ways to flag the fake news stories. Angela Merkel expressed her concern by discussing the topic on Fake News and Bots which can manipulate public opinion is committed not to use social bots for her campaign strategy.

However, demonizing bots might cause society from overlooking the possibility of using the same bots for the good of mankind. Be it a Bot or Chatbot it can be the optimal tools for eliminating the fake news from the system. Using Artificial Intelligence (AI), the bots can be programmed only to collate legitimate news whose data source has been validated. Apart from eliminating the rudimentary system of reporting, the 'AI Bot or Chatbot' will automate the entire online news reporting system and slowly eradicate the yellow journalism from its roots. 

To summarize, the 'Media Industry' should collaborate with Technologists and Subject Matter Expertise for designing and developing AI Bots that can bring in the Next-Gen online news reporting system which will be instrumental in eliminating the 'Fake News' from the system and help establish people's trust back in the power of the Social Media. More importantly, reinstating the judicious decision-making capability of an individual. 

Read more…

Evolution of Drones

It is the 'Era' of Unmanned Aerial Vehicles (UAV), or Unmanned Aerial System (UAS), an all-encompassing term which includes the aircraft or the UAV, and the ground-based controller (the person operating the machine), and the system of communications connecting the two, commonly known as 'Drones.' 

Today, the drones are revolutionizing the world and businesses which hardly anyone could have ever imagined. UAVs or drones was an aircraft without a human pilot aboard. UAVs include both autonomous drones and Remotely Piloted Vehicles (RPVs). 

According to the brief history "The U.S. military experimented with pilotless aeroplanes as “aerial torpedoes” or flying bombs far back during the first world war, but with no significant success—until the Vietnam war, when jet-propelled, camera-equipped drones built by Teledyne-Ryan were launched and controlled from U.S. Air Force C-130s. 

"Abraham Karem born in 1937, is regarded as the founding father of UAV (drone) technology. "Karem built his first drone during the Yom Kippur war for the Israeli Air Force. In the 1970s, he moved to the USA and founded his company Leading Systems Inc. He started the manufacturing of his first drone 'Albatross' in his home garage. Later on, the sophisticated 'Amber' which eventually evolved into the famous 'Predator' drone that brought him the title of "drone father". Karem has been described by The Economist magazine as the man who "created the robotic plane that transformed the way modern warfare is waged, and at the age of 80 he continues to pioneer other airborne innovations." 

The UAVs or drones were associated with the military and those used by the US Air Force for surveillance, small intelligence, and reconnaissance craft of which some of them were light enough to be launched by hand, medium-sized armed drones to large spy planes. However, with the technology that is in use is incredibly advanced. It uses Artificial Intelligence (AI), GPS, 3D scan, Biometrics, to Robotics and remote control to pilot essentially unmanned aeroplanes of different sizes, weights, reaching new heights figuratively and literally. 

Let me discuss some of the significant use-cases of the Military or Law enforcement Drones:

1. Air Strikes: The UAVs or drones are used for air strikes. According to President Obama, the US Military used drones to attack militants in the tribal areas of Pakistan. The drones hover over the suspected areas to fulfil the military operation.

2. Bomb Detection: The increasing frequency of terrorist attacks which the world has witnessed in the recent past can be mitigated with the help of drones. Small size drones can easily penetrate into the restricted areas. The inbuilt cameras make the drone highly suitable for bomb investigations. Thus the UAVs are apt for detecting the unexploded bombs and securely dealing with a potential bomb threat. 

3. Surveillance: Any country's Defence tends to conduct periodic surveys to ensure the protection of the place and its people usually. The drones are also used for criminal surveillance which could help trace missing persons, a search of criminal gangs or mafia groups. In 2009, the drone from Dayton carried out surveillance for 200 hours across cities. This helped in capturing the images of thirty-four murders as they happened in real-time. These attacks were carried out by a cartel, and the footages helped the Police to get to the perpetrator's getaway, vehicles and their various accomplices. 

4. Hostage Negotiation: The future of the drone could be an application of tiny drones, the size of an insect which will be capable of revealing the happenings in a hostile location. It is believed that the manufacturers will be able to provide 'Biomimetic' designs which will be suited to mimic nature along with the 3D depiction scan for appropriate handling of a hostage situation. The drone will help show precise details of exact happenings in the given locations without risking the lives of the security personnel. The drones will be of good use in conducting negotiations without the need for sending a negotiator to the hostage site. Instead, it can be achieved by sending a drone with a facility for a facetime chat with the hostage-taker. 

5. Crime Scene Analysis: Drones play a significant role in the future crime scene investigations due to the drone's ability to take photos and inspect the scene without any contamination of the pieces of evidence. Hence, the investigation team will not risk mistakes like footprints and fingerprints which were not supposed to be there. The police also could use drones to trackback discarded weapons from the crime scene location. Drones to help create maps for prosecuting or solving various crimes and documenting the evidence to convict the criminals who have walked-out scot-free due to lack of sufficient documented proof against them. 

6. Drone in Drug Interdictions or Tracing Missing Persons: Today, drones that are equipped with spectroscopic sensors help in detection of the meth labs, and similar use case can be applied for the storage of drug at sites to help in dealing with the menace of the illegal drug trade. It is most common for some close person to have gone missing. There have been several cases when a child has gone missing in a large crowd, or a person with Alzheimer disease has wandered from home. The drones equipped with cameras, facial recognition or license plate readers software will be able to swiftly and efficiently search and track the missing people. These drones will transform the way the future search operations of the missing people are conducted.

Military usage of UAVs or drones has become the primary use in today's world. According to Goldman Sachs, military spending will remain the primary driver of drone spending with an estimate of $70 billion drones by 2020. According to the latest news, "The US Military's latest autonomous aircraft is radically changing how they resupply units in the combat zone. It is all about keeping the troops safe and saving lives. The UAV helicopter is meant to resupply forces in combat zones quickly delivering ammunition, water, batteries, and even blood before returning to base. With no need for pilot or crew, it could eliminate the need for troops to fly or drive supplies to hostile, fire or dangerous roadways. The project is a partnership between the office of Naval research and tech company Aurora Flight Systems."

These are some of the use-cases of the Military or Law-Enforcement UAVs or Drones which I have discussed here. However, in my next couple of articles, I will be addressing the Non-military or Commercial, Personal and Future use-cases of the UAVs or Drones that has disrupted and transforming the world. 

To conclude, the drones will play a vital role in the resolution of future conflicts and the replacement of the human pilot. Drones are also cost-effective, time-saving and life-changing. Although, the application of drones in the Law-Enforcement domain is niche but will need the Federal Aviation Authority (FAA) to have the relevant regulations which would govern the right use of 'UAVs or Drones' in a lawful manner that will bring protection to the people and its nation.

Read more…

Over the last couple of years, the Internet of Things grew into a huge gate between the reality and the digital world, and CES 2018 was the event that nailed it. IoT dominated the event with a vengeance, and it could be roughly divided into two major areas: smart home (with a nod to smart city) and industrial Internet of Things (with a nod to the much-hyped Industry 4.0).

The event showed the inevitable changes in the industrial sector that are likely to reward early adopters with shares on the market. Meanwhile those who avoid innovation get left behind in the long run. Such companies as Bosch reinvent the way manufacturers run their facilities, with a focus on increased performance and care for safety of human workers.

Smart home was represented not only by a huge variety of standalone products, but also by closed ecosystems created by such consumer tech giants as LG.

Automotive industry always has been leading in innovation with self-driving and connected cars being part of the IoT market. This year all major car manufacturers hosted a kind of car show inside CES, introducing new automotive IoT products.

Besides these spheres, there were two more major followers of IoT trends: healthcare and retail. Both aim for automation of operations, provision of personalized experience to customers, and overall transformation of the ways they operate.

Read more…

 

The Internet of Things plays an important role in today’s life, affecting a plenty of businesses and changing the way we work, live, and entertain. Coming up with workflow automation, remote equipment monitoring, inventory tracking, and real-time data collection, IoT promises to bring innovation in various industries.

Understanding high IoT potential, companies and corporations invest in IoT projects, startups, and initiatives. According to New IDC Spending Guide, the worldwide IoT spending is predicted to reach nearly $1.4 trillion in 2021. What’s more, Gartner research expects the number of IoT-enabled devices will be about 21 billion by 2020.

Though IoT provides many advantages and opportunities, there remain IoT security risks and challenges, that now are of the highest concern. Since today almost everything can be hacked, businesses have to look for and integrate new security mechanisms allowing to ensure data and device protection.

 

The main IoT security risks

 

1. Data Leaks

Smart devices collect and transmit various data that may involve such important information as credit card numbers, zip codes, customer locations, camera images, IP addresses, and much more. A leakage of private/personal/business/financial data can lead a company to money and reputation losses, and harm people’s lives.

2. User verification

Misconfiguration and default passwords use are common reasons for the appearance of device/data vulnerabilities. That’s why engineers should implement the ability for customers to create their own passwords while establishing the highest level of password reliability that all users have to follow.

3. Lack of regulations

Unfortunately, there are often no regulations for IoT devices. The creation of a standards-based approach to security should be a top-priority task for companies, organizations, and even governments.

4. Unknown surveillance

Often unprotected IoT devices can be accessed by any remote user or at least can be easily hacked. The consequences can be poor: for instance, streaming and selling private videos and images (including those from stores, shopping centers, etc.).

 

IoT security recommendations

 

1. Focus on data traffic monitoring. Imagine a cloud IoT solution, that monitors both inbound and outbound traffic, traces all suspicious activities, blocks unsafe communications, instantly alerts users and the central system about potential problems, and prevents data leaks.

2. Implement end-to-end encryption in your application, the most reliable way to protect user data. Famous mobile messengers WhatsApp and Viber added the support of e2e encryption long ago. If your project implies many data/user communications, you can use this approach too.

3. Use reliable tools that help ensure data confidentiality and privacy as well as build a secure and scalable data storage. Integrate a feature of suspicious activity and malicious code monitoring. For example, today we can see an increasing use of AI technology for real-time security monitoring.

4. Focus on testing activities. When developing an IoT solution, pay a lot of attention to the testing/QA process. It’s much better to prevent any security issues at the pre-release stage than waste time for bug fixing after.

5. Integrate a Blockchain decentralized approach. Since Blockchain is based on cryptographic algorithms, it helps protect and manage data. Blockchain has all transactions (interactions) recorded, so the history of smart devices will be also recorded. At the moment, the use of Blockchain for securing the Internet of Things is one of the emerging and most promising trends.

 

As you see, there are really good ways to minimize IoT security vulnerabilities. Here I should note that one of the best recommendations for developing a successful IoT project is to apply to a reliable IT company that would focus on security and data privacy issues. Also, when choosing the company, pay attention whether it meets the GDPR requirements, which will be especially important from the regulation enforcement on May 25, 2018.

 

Read more…

The Invisible Threat to Your Health - IOT

Consider the normal hospital or home care scenario today. A patient—your patient—is receiving different therapy intravenously. That IV fluid is being administered using a pump known as an infusion pump.

Today those infusion pumps are connected to a network of devices on a hospital’s internet network.

Now consider the ramifications of an outsider hacking into the network and controlling all of the devices on that network, as well as being able to access all of the medical records on the network and to create a serious danger to the hospital and all of the connected patients. It’s a threat that is invisible and one that you don’t really think about but the potential is there.

It’s a scenario that is more than plausible, it’s actually taken place. There have been insulin pumps hacked multiple times.  Johnson & Johnson became the first company to warn their users about the potential for hacks in their insulin pumps.

Billy Rios wrote about it for Bloomberg and even the FDA has taken notice, very recently stating that they knew that there were problems with medical devices and that sufficient security in those devices was probably not in place. They said that the current regulations and the current controls were not enough.

Recently the FDA released a set of guidelines that were designed to assist in this conundrum. They are encouraging all medical device manufacturers to make their cyber-security stronger and to ensure that clients and patients could not be damaged by hacks to products.

This was in response to Executive Order 13636 and Presidential Policy Directive 21,but it was also a response to the many cyber-security experts who have written directives and voiced their concerns about the problems inherent in connected medical devices.

There are dozens of problems with IoT medical devices and their ability to be hacked, but it isn’t just medical devices that are used directly for patient treatment. Other problems have been found in devices such as x-ray machines and MRI machines that allow them to be breached and require a fix in order to ensure patient safety.

Despite actual white hat hacks and security concerns voiced by experts, many legal experts say that the harm caused or the potential to harm is pure speculation. Reed Smith partner Steven Bornian believes that no medical device will ever be completely secure and that no IoT or medical device risk may be completely eradicated. That means legislating the security for them simple is not feasible, but still that seems to be the way that governments are heading.

The FDA has, for now, focused their approach to this problem on encouraging companies to offer workarounds for the user and temporary fixes if there is a breach. They believe this may be better than trying to regulate or legislate companies to prevent the breaches entirely, which many experts say may be impossible.

That isn’t going to be a long lasting solution because even as we discuss it, things are changing. Countries are seeking the right legislation for use in protecting the data and the patients who use medical devices. Having an on-board cybersecurity specialist is going to be imperative for any company offering connected devices in the near future. Is your company ready?

Read more…
RSS
Email me when there are new items in this category –

IoT Open Discussion Forums

Upcoming IoT Events

More IoT News

How wearables can improve healthcare | TECH(talk)

Wearable tech can help users track their fitness goals, but these devices can also give wearers ownership of their electronic health records. TECH(talk)'s Juliet Beauchamp and Computerworld's Lucas Mearian take a look at how wearable health tech can… Continue

IoT Career Opportunities