The Malware of Things
MAR 13, 2015 12:51 PM
A+ A A-

The Malware of Things

By Art Swift

It’s easy to get frustrated with the security problems we all face with our connected devices: shouldn’t a PC/laptop/phone/tablet/whatever be secure by design? Is it really that hard? 
When the malware problem first bloomed on PCs years ago, it was perhaps forgivable as a symptom of growing pains in a new industry. Microsoft took the brunt of the complaints. Now, though, it seems like any OS of a connected device can be hacked, and the vendors can’t stop it any more effectively than Microsoft did all those years ago (or today). It really is that hard.
As we venture further into the age of the Internet of Things (IoT), what should we expect? Any system that communicates can have its communications hacked. If you think that statement is false, phrase it differently: it’s possible to create a system with communications that can’t be hacked. OK, then, name one. Banks, military-industrial corporations – that supposedly should know their security – all get hacked. We might hope that military systems themselves would be immune, but evidence of the hacking of Israel’s Iron Dome system would say we’re wrong.
In the Internet of Things age, the titular things are going to get hacked. How exercised should we really be? “Oh, no! Hackers are going to set the thermostat in my house too high!”  The joke’s on them: my wife already is.
But think about our cars. And a car communicates – with the phone that the driver Bluetooths to it to make calls or listen to music, and to OnStar and similar systems. 
According to a recent analysis, some of the more sophisticated cars on the road today network together various combinations of the media system, telematics system (e.g. OnStar), anti-theft features, and the brakes and engine control.  Based on the track record of manufacturers vs. hackers, that’s already good reason to be worried.
But it gets worse. Google and others are making great strides with self-driving cars.  In order to maximize road capacity and safety, those cars will be communicating telemetry data with each other. When they start marketing the cars, Google et al will surely tell us about the steps they’ve taken to make those cars secure. 
Security is sufficiently important to require redundant systems, aka “defense in depth.” A small, independent security component, designed and implemented by someone other than the team that implemented the system being protected, will close holes that the system team didn’t even realize existed. As a gatekeeper to things large and small – home security, automobiles, even mission-critical components of automobiles – a dedicated security unit shouldn’t be contemplated as an option, it should be considered a requirement.
Art Swift is CEO of CUPP Computing, which provides security solutions for mobile systems, such as tablets, smartphones, remote service devices and the Internet of Things (IoT).  CUPP Computing is headquartered in Oslo Norway, and has operations in Netanya, Israel, and Palo Alto, CA.  
[%= name %]
[%= createDate %]
[%= comment %]
Share this:
Please login to enter a comment:

Computing Now Blogs
Business Intelligence
by Keith Peterson
Cloud Computing
A Cloud Blog: by Irena Bojanova
The Clear Cloud: by STC Cloud Computing
Computing Careers: by Lori Cameron
Display Technologies
Enterprise Solutions
Enterprise Thinking: by Josh Greenbaum
Healthcare Technologies
The Doctor Is In: Dr. Keith W. Vrbicky
Heterogeneous Systems
Hot Topics
NealNotes: by Neal Leavitt
Industry Trends
The Robotics Report: by Jeff Debrosse
Internet Of Things
Sensing IoT: by Irena Bojanova