Sunday, January 26, 2014

Internet of Things security

Proofpoint, a computer security company, has confirmed what we long suspected: Internet-of-things devices pose computer security threads.  Their article, which you can find here, describes how they found a variety of household Internet-connected devices were sending out malicious emails.  The offending devices included multimedia devices and "at least one refrigerator."

 The idea of refrigerators as sleeper agents or Skynet nodes may sound like a Saturday Night Live sketch, but this observation has some serious implications.  PC security, while far from perfect, is much better than it was 20 years ago.  IoT devices are at a primitive level, but unlike PCs, consumers often have no reason to worry about them.  Malware on PCs may be used to attack other computers, but everyday users understand the very real threat to their data that is posed by these programs.  As a result, consumers are willing to invest in computer security tools.  So long as malware on IoTs is used to attack other computers without seriously affecting the device, consumers are unlikely to care much that their refrigerator has become a zombie.  And the market for these devices is sufficiently cost-sensitive that manufacturers are unlikely to introduce strong security measures on their own.  Like so many things, it may take a disastrous event to wake people up to the problem.

No comments:

Post a Comment