Tag Archives: iot

Security issues invade non-traditional areas

We’re mostly used to malicious attacks being associated with computer, servers, mobiles and other IT-related systems. But more and more, computing is being pushed into areas that aren’t traditional for these attacks yet are fast becoming critical areas.

InternetOfThings (IoT ) devices and automotive applications are starting to appear on hackers’ radars.

Some security researchers recently used a vulnerability in the Jeep’s Uconnect service to gain control of some critical functions of the Cherokee including braking and steering – that is very worrying. Those action sequences in spy movies from only a few years ago where cars are remotely controlled, are suddenly reality.

One has to wonder at the rational ( or stupidity ) behind Jeep’s decision to merge control and infotainment systems – isn’t it obvious that issues with the internet-accessible infotainment system will enable access to the control system?

The problem is set to become much worse because IoT is spreading to every facet of our lives and security is not always on developers’ minds when designing new products. ADSL modems and routers are perfect examples of this – many never receive any updates during their lifetime, others remain full of holes even with updates and considering the home environment these are often used in, end-users don’t patch or don’t know to patch these devices.

The recent installment of Terminator ( genisys ) proposes a reality where everyone will be installing the latest version of the perpetrator’s Operating System – at that point, Skynet takes over. Considering the spread of software and IoT in the last few years ( think fridges, washing machines, children’s toys, cars, mobiles, kiosks, etc. ) this as not as far fetched as you might think.

Malicious parties have been infecting and controlling millions of devices around the planet for a number of years, performing denial of service attacks, enacting financial fraud and generally causing massive mischief.

What can we do? Not a whole lot, except protect the systems that we have control over and make sure they don’t become part of the problem. Everything else? Well it’s a bit of a crap-shoot.