Hollywood has no shortage of over-the-top movies focused on hacking. Movies such as Live Free or Die Hard, in which criminal elements gain complete control of the United States via sophisticated hacking. However, as the Internet of Things increasingly connects our physical world to the digital world, these types of attacks can no longer be relegated to the realms of sensationalist fiction. Serious damage can be done through even the most mundane devices, as seen in the recent DDoS attack in October using Mirai’s connected cameras. And now, the ability to use those bots to attack again is available for rent. As Forrester notes, this is just the “tip of the iceberg when it comes to using connected devices to do harm.”
The question is – how can the challenges involved in implementing efficient IoT security protocols be overcome in order to mitigate the risk?
While it is clear that IoT devices and networks require serious security, implementation is complicated. With so many different verticals and device types using a variety of connections and architectures, a one-size-fits-all solution is out of the question. Further, because the need for security is less tangibly measured, it is much harder for device makers and consumers to understand and differentiate between different solutions. Also, the overwhelming number of IoT devices being produced (and not just by the largest tech companies) makes standardization of security difficult, if not impossible, and an unattractive investment for smaller companies competing in low-cost environments or aiming for a quick time to market.
As the entry of the IoT heralds the dawn of a new technological era, addressing the issue of security will require a similar paradigm change, involving new technology solutions and business models. New devices need to be designed with security as the foundation, not merely an afterthought and device makers must constantly improve and adapt to changes. New security procedures will have to be developed that aren’t price, power and performance intensive. And competitors may find themselves forced to cooperate in order to develop the security standards essential to the success of the entire IoT ecosystem.