‘IoT set to unleash technological disruptions touching daily life’

Source: The Hitavada      Date: 02 Dec 2017 12:17:17

 

By Praveen Vighre,

IoT opens up exciting new opportunities for business and economic growth, says Dr Rizwan Ahmed

* Smart toasters forcing the consumers into reconsidering eating habits by refusing to toast any bread that is not considered ‘healthy’. * Smart refrigerators shutting down as soon as ice-cream is detected. * Smart watch and fitness trackers keeping record of one’s health. *Adevice analysing indoor air quality, learns one’s routines, and communicates with other home devices to help one achieve optimal air quality. IF SUCH devices are around you, you are already exposed to what is called the Internet of Things (IoT).

The IoT has opened up exciting new opportunities for business and economic growth as well as personal care. At the same time, it also opens the door to a variety of new security threats. Hence, the buyers of IoT devices need to be careful, cautions Dr Rizwan Ahmed, an expert in the field. “IoT involves networking of things or objects that are relatively new. Their product design does not always consider security as an important factor.

Most of the IoT products in the market are often sold with old and unpatched embedded Operating System and software. It is generally observed that purchasers of these IoT devices often fail to change the default passwords or fail to select sufficiently strong passwords,” Dr Rizwan Ahmed, President of Technology at QMComputech Pvt Ltd, Nagpur (India Development Center: delaPlex Software, USA), said during an exclusive interview to ‘The Hitavada’. Dr Rizwan Ahmed holds the distinction of being one of the first recipients of PhD in the field of Mobile Forensics in India.

He has over 16 years of professional experience in IT industry in various roles as innovative hands-on technology executive with a proven track record of leading the design, development and programme/project management of high technology projects and solutions, while continuously improving the processes and procedures. He also works as Independent Consultant and Mobile Forensics Investigator for various private, Government, and law enforcement agencies in India and abroad.

A variety of IoT objects and applications are currently available, and many more are in the offing including smart home, wearables, smart city, smart grid, industrial Internet, connected cars, connected healthcare, smart retail, smart supply chain, smart farming etc. IoT is a term used to describe a network of objects (or things) that has sensors or hardware and software to enable the object to connect to Internet through wired and wireless networks. Though it is yet to become a popularly understood concept, security threats have started propping up. In April 2017, a hacker released multiple versions of BrickerBot that disabled thousands of IoT devices.

“IoT security is going to affect us all. In October 2016, the largest Distributed Denial of Service or DDOS attack ever was launched on service provider Dyn using an IoT botnet. This led to many websites going down including Twitter, Netflix, Reddit, and CNN using Dyn’s DNS solution,” Dr Ahmed said. Hacking attempts and IoT security issues across global IoT facilities have resulted into privacy violation, security breaches, loss of business, crippling of infrastructure, and, in some cases, even health and medical emergencies. IoT faces more number of possible threats compared to previous Internet technologies. Ever-growing number of connected IoT devices, applications, systems, and end-users result in more points of exposure and vulnerability. Every compromised IoT device becomes a new possible attack point increasing probability of attacks relating to relevant devices.

There is a plethora of IoT standards and protocols, which creates security blind spots. IoT devices are collecting lots of data which may get into the wrong hands, thereby fueling privacy concerns. “We need to secure IoT to secure our future. If one is not in the IoT eco-system one is really going to be left behind. The onus for preventing takedown by IoT is on both -- the user and the device developer. The user also needs to be alert always, because for IoT hackers, success means breaching the system once,” Dr Ahmed cautioned.

Brief History of IoT

■ Early demonstrations or experiments conducted during 1980s and 1990s started showcasing ‘Things’ to be connected.

■ The term IoT was invented in 1999, initially to promote RFID technology.

■ IoT didn’t become popular until 2010-11.

■ In 2014, IoT reached mass markets when Google bought Nest for $3.2bn and Consumer Electronics Show (CES) in Las Vegas was held under the theme of IoT.

■ As per Gartner’s forecasts 8.4 billion connected things will be in use worldwide in 2017, with total IoT spending on end-points and services reaching almost $2 trillion in 2017. The number will rise to 20-30 billion by 2020.

The Security Aspects

■ IoT device that needs to be directly accessible over the Internet should be segmented into its own network and have network access restricted. These individual network segments should be then monitored to identify potential anomalous traffic to take further action if there is a problem.

■ IoT device manufacturers should enhance privacy and build secure devices by adopting a security-focused approach, reducing the amount of data collected by IoT devices, and increasing transparency and providing consumers with a choice to opt-out of data collection.

■ IoT solution architecture requires multi-layered security approaches that seamlessly work together to provide complete end-to-end security from device to cloud and everything in between throughout the lifecycle of the solution.

 

 

 

 

 

 

■ Encryption is an absolute must.