The document discusses the rise of the Internet of Things (IoT) and the security concerns that come with connecting everyday devices to the internet. It notes that while IoT promises to make life more convenient by allowing refrigerators, lights, shoes and other objects to communicate with each other, it also creates new security vulnerabilities that could be exploited by hackers. The document cites the example of the Stuxnet computer virus that damaged Iranian nuclear centrifuges. It warns that as more devices connect to the internet, they will generate large amounts of sensitive data and become potential entry points for attacks that might compromise people's privacy, safety and property if not properly secured.
Singleton Pattern (Sole Object with Global Access)
AreWePreparedForIoT
1. The day is not far when virtually all the
electronic devices from phone to cars from
refrigerators to light switches will be
connected to internet and will create a huge
network of communication to make our life
easier. But are we really prepared for this?
Are we prepared
for IoT?
Rathoud, Sameer
2. If futurists are right, we are going to enter
in an era where all the physical objects we
interact with on our daily basis, will gather
the data through sensors, connect to
internet and communicate with each other
through the buzzword and sci-fi movie worth
concept Internet of Things (IoT).
Optimist believes soon these daily usable
object will become intelligent and will make
our life easy. Tomorrow a refrigerator may
suggest you a recipe by looking at the
content in it. A light may get dim when you
are feeling sleepy. Your shoes may monitor
your health and suggest how much calorie
you should burn or even may be your shoes
will tell, how much calorie your friend has
burned. Your dress will monitor your health.
Our highways will be safer. Our house will be
more efficient. And may be every single idea
will become true with IoT tomorrow.
With IoT the devices will be connected to
various sensors. Through these sensors they
collect lot of data, analyze these data and
provide suggestion or take some action
based on the conclusion of data analysis.
But there might be the chances that the data
captured by these intelligent devices or data
flowing across the internet are highly
sensitive and private and by considering
privacy and security as stand these devices
provide a highly vulnerable point to hackers.
Instead of making our life easy as supposed
to be by these IoT devices, it can create
security havoc.
Few years back an incident came in notice,
where a malware worm named “Stuxnet”,
which was designed to attack industrial
programmable logic controller (PLC). PLCs
allow the automation of electromechanical
processes such as those used to control
machinery on factory assembly lines,
amusement rides, or centrifuges for
separating nuclear material. Exploiting four
zero-day flaws, Stuxnet functions by
targeting machines using the Microsoft
Windows operating system and networks,
then seeking out Siemens Step7 software.
Stuxnet reportedly compromised Iranian
PLCs, collecting information on industrial
systems and causing the fast-spinning
centrifuges to tear themselves apart.
Stuxnet’s design and architecture are not
domain-specific and it could be tailored as a
3. platform for attacking modern SCADA and
PLC systems.
Stuxnet reportedly ruined almost one-fifth
of Iran's nuclear centrifuges.
You can find more information on stuxnet at
http://en.wikipedia.org/wiki/Stuxnet.
Although this example is not directly
portraying the vulnerability of IoT data. But
with this example we can imagine how badly
a malware can hurt any program.
Take another example where an intelligent
cooking range is supposed to do some basic
pre-processing before I reach home. And a
malware in my intelligent device can even
influence my house’s fire safety and can
burn my house.
We can anticipate an attack of the things,
when new connected devices cause
problems on networks in a variety of ways
including increasing network attack surface
(every new "thing" is a potential hackable
weak point), using up precious bandwidth,
generating mountains of sensitive data that
needs to be stored and secured, and usable
IP addresses as billions of new things
connect to networks worldwide.
Capturing the data from our intelligent
device’s sensors will be ok, until I am not
providing the intelligence to the controllers
as well or our data security system for these
IoT devices should be sound enough that I
can rely on the actions of my controller as
well.
May be tomorrow I will be flooded with
suggestions from my IoT devices, but
preferably I would like to own the actions
rather than these intelligent devices do it for
me (at least for now).
I don’t want to be very pessimist and we can
choose to ignore the impending onslaught of
ubiquitous connected devices. While this
might be OK for now, we can’t keep our head
in the sand for much longer by just thinking
of a TRAP!