CyberWisdom Safe Harbor Commentary on Internet of Things
Today, many “smart” Internet connection devices are manufactured by big companies with well-known brands, such as Google, Apple, Microsoft and Samsung, all of which have technical systems and marketing incentives to quickly resolve any security issues. But in a world where smaller Internet devices are getting more and more crowded, this is not the case, such as light bulbs, doorbells, or even packages shipped by UPS. These devices and their digital “brains” – usually provided by well-known companies, many of which are located in developing countries, do not have the capital or ability, or brand recognition needs, can use strong security features.
Insecure “Internet of Things” devices have led to major cyber disasters, such as Internet attacks by Internet routing company Dyn in October 2016, which claimed more than 80 popular sites and stopped Internet traffic in the United States. Solution to this problem As the “Internet of things” technology, the view of scholars of blockchain systems and network security may be a new method of using blockchain to track and distribute security software updates.
Ensure safety is paramount to the Internet of Things
Today’s big technology companies work hard to keep users safe, but they have set a daunting task for themselves: Thousands of complex software packages running on systems around the world will always have errors, making them vulnerable to hackers. attack. They also have a team of researchers and security analysts who try to find and fix vulnerabilities before the problem occurs.
When these teams find vulnerabilities (either from their own or someone else’s work, or from malicious activity reports from users), they have the ability to program updates and send them to users. These company’s computers, telephones, and even many software programs are regularly connected to the manufacturer’s website to check for updates, and they can be automatically downloaded or even installed.
In addition to tracking down the issues and creating the personnel needed for the restoration, this work requires a huge investment. It requires software to respond to automated queries, storage space for new versions of software, and network bandwidth in order to quickly send it to millions of users. This is where people’s iPhones, PlayStations and Microsoft Word’s copies are all well maintained with the latest security fixes.
This is not the case with manufacturers of next-generation Internet devices. Take Hangzhou Xiongmai Technology near Shanghai, China as an example. Xiongmai manufactures internet-connected cameras and accessories and sells components to other manufacturers.
Many of its products, as well as many other similar company products, contain factory-set administrative passwords that are difficult or impossible to change. This opens the door for hackers to connect to Panda manufacturing equipment, enter default passwords, control network cameras or other devices, and generate a large amount of malicious network traffic.
When issues – and their global scope – become clear, pandas and other manufacturers can make updates on their equipment. The ability to prevent future cyber attacks depends on creating a way that these companies can quickly, easily, and cheaply release software updates to customers when a vulnerability is discovered.
One possible answer for securing the Internet of Things
In short, the technology blockchain is a transactional record computer database that is stored in many different places at once. In a sense, it is like a public bulletin board where people can post-transaction notifications. Each article must be accompanied by a digital signature and cannot be changed or deleted.
This author is not the only one who recommends using a blockchain system to improve the security of Internet-connected devices. In January 2017, a group consisting of the US Internet giant Cisco, the German engineering company Bosch, the Bank of New York Mellon, the Chinese electronics manufacturer Foxconn, the Dutch cybersecurity company Gemalto, and some blockchain startups is developing such a system.
It can be used by device manufacturers to create their own software update infrastructure in the same way as technology giants. These small companies must program their products to periodically check the blockchain system to see if there is new software. Then they will securely upload their updates as they develop. Each device has a strong encrypted identity to ensure the manufacturer.
thumbnail courtesy of scientificamerican.com.
If you like to receive more of these curated safe harbor news alerts then subscribe to my mailing list. and come back soon at https://www.safeharboroncyber.com/Blog/ to read further CyberWisdom Safe Harbor Commentaries. Home » Curated SafeHarboronCyber’s CyberWisdom Post »