In the rush to deliver smart devices to the masses, most manufacturers have failed the security test, leaving both users and devices exposed to hackers. 2016 has been a wake-up call for device makers. The real battle begins now.
30 billion devices will be connected to the Internet by the year 2020. As of the end of 2016, the majority of everyday devices are vulnerable to cyber attacks, including cameras, video recorders, printers, routers, and speakers. Many device makers consider device security an extra cost. What’s worse is that some are unaware of the risks.
With less protection and more devices, hackers get bolder. Last year, hundreds of thousands of devices were compromised and connected to become botnets to attack and bring down Twitter and PayPal.
The smart device makers — not so smart
If well-equipped big companies are vulnerable, then the manufacturers must be really worried. Or are they?
The root of the problem is ignorance. While some manufacturers are unaware of the scale of the risks, many others simply to do not have the expertise to prevent attacks on their devices. Many tech hardware manufacturers were born more than a decade ago, way before the IoT age.
Manufacturers of cameras, for example, could be providing online storage for their buyers. What they see as the company’s ‘move into the digital age’ could prove to be highly risky without the proper internet security. As a result, millions of user photos become easy pick for hackers. Users too have been complacent, having bought their cameras from a company that has been trusted for decades.
In the IoT age, the older are not necessarily wiser.
The hackers and their botnets
The year 2020 is not far off. When close to 30 billion devices are finally connected to the Internet, the attraction will be bigger.
Up till now, the cyber attacks have been isolated and in spates. There seems to be a pattern. Perhaps the hackers are merely warming up for the big catch. In the run-up to 2020, they are flexing their fingers with a few botnets here; a few malware versions there. With enough experimentation, they could result in the most potent perpetrator the world’s security firms have yet to see.
The battle begins
Not only the older, established device manufacturers need to change. Cybersecurity firms are working with smaller device makers and start-ups to prepare them for the real IoT world out there. Meanwhile, older manufacturers are catching up. They are starting to release updated firmware to secure the inner workings of their users’ devices.
Only after so many attacks, cybersecurity is finally on the mind of every manufacturer and device maker. But this is only the beginning.
Outsmarting the hackers
New ways are also emerging to fight back the hacks.
Qualcomm, the giant chipmaker, is exploring ways to use machine intelligence to help secure devices. Qualcomm wants to make machines constantly ask themselves: Is the device doing something it isn’t expected to do? Is it connecting to somewhere it isn’t expected to? Is it accessing memory differently? Qualcomm executive chairman Paul Jacobs said, ‘It‘s very important for IoT to make sure you have a way of securing and updating devices.’
In August this year, in the spirit of bi-partisan, a group of U.S. senators announced plans to introduce a bill to address cybersecurity in everyday tech devices. In the area of medical devices, the U.S. Food and Drug Administration (FDA) continues to evaluate device cyber-security based on the latest critical infrastructure security framework. Progress in-laws and criteria seen in leading technologically-advanced countries such as the U.S. will hopefully spill over to the rest of device-making nations.
Slowly but surely
Initiatives are in place, but clearly, securing existing devices and new ones will be a constant work-in-progress. In the meantime, many areas in the hundreds of thousands of devices remain exposed — as are its users.