Internet of Things now vying to make smart devices safer
One of the major reasons is reducing the gap between legacy systems and technology to that of today
Recent cyber attacks harnessing everyday devices such as cameras, video recorders, printers, routers and speakers are a wake-up call to the hidden dangers of the Internet of Things.
For a sense of that challenge, take AV Tech Corp, a once proud giant among CCTV camera makers whose 1990s building in a
AV Tech, which made the 2008 Forbes list of companies to watch, has seen competition from
"The harsh reality is that cyber security is not even on the radar of many manufacturers," said Trent Telford, CEO of Covata, an internet security firm. "Security will eventually become more of a priority, but it may well be too late for this generation of IoT users."
Up to 30 billion devices are expected to be connected to the Internet by 2020 - all potentially vulnerable.
Cyber security experts say this is just the beginning.
Flashpoint, a cyber security consultancy, said parts of the botnet used in last month's mass attack were used this week to launch denial of service attacks on the campaign websites of both U.S. presidential candidates, though neither site appeared to have been knocked offline.
VULNERABLE
While researchers have not found any AV Tech devices in a botnet, they have pointed to lapses that make them vulnerable.
In a blog post, confirmed by his company, Gergely Eberhardt of Hungarian security firm Search-Lab said he spent a year trying to alert AV Tech to 14 security holes in its products. He got no response, and last month released his findings.
"To be honest, in the past, hacking and discovering such matters was not an issue for AV Tech," said Dick Lee, special assistant in the company president's office. "This experience has significantly raised our alert level internally. This is something that those in the surveillance equipment business must face seriously."
Chinese camera maker Hangzhou Xiongmai Technology Co recalled thousands of its devices after researchers said they may have formed part of the botnet that took down Twitter and other websites, but it also threatened legal action against those defaming the company.
SECURITY FOCUS
Chipmaker Qualcomm said it was looking into new technologies, including those based on machine intelligence, to make IoT devices safer.
"We can build into the hardware certain fundamental things that will watch to see: is the device doing something it wasn't expected to do? Is it talking to somewhere it wasn't expected to talk to? Is it accessing memory differently?" executive chairman Paul Jacobs told Reuters on the sidelines of an event in
AV Tech said it was talking to Search-Lab and other security firms about long-term cooperation, and also plans to release updated firmware - software that upgrades the inner workings of its devices to make them more secure.
One firm making sensors to allow treadmill users to share their workouts, he said, faced a three-month delay if it rewrote software to properly encrypt data. The cheaper solution was to obscure the data, and make any hacker work harder to crack it.
Refiti set up IoTSec
Its main goal, says founder John Moor, is to simplify guidance so engineers actually read it. The foundation is releasing its first best-practice manual, condensing a 300-400 page industry document to just 30 pages.
For AV Tech, improved security may prove to be a way to differentiate its products from Chinese competition. "This is a good opportunity. For these surveillance products, the demand on their security is the most important;" said Lee, adding the inevitable higher cost "is not expected to be huge."