Global Sources
EE Times-Asia
Stay in touch with EE Times Asia
EE Times-Asia > RF/Microwave

Beware of the Thing: Seven alarming IoT what-ifs

Posted: 05 Nov 2014 ?? ?Print Version ?Bookmark and Share

Keywords:Internet of Things? security? connectivity?

There's something attractive in connectivity enabled by the Internet of Things. Who wouldn't be drawn to the convenience involved in driving in a connected car where the GPS automatically navigates you away from a traffic jam? Or the pleasure in hearing a good news through an onboard messaging app that reads you emails?

However, in the not so ideal scenario, IoT might turn out to be the opposite of comforting. You take a taxi home after work because a hacker breaks into your car's Wi-Fi, takes control of the steering wheel, and crashes you into a tree. When you arrive, you are greeted with a strangely worded email asking for a ransom in exchange for the return of an embarrassing photo of you at a recent party you thought was beyond reach and securely hidden in your camera roll in the cloud.

Love it or fear it, the Internet of Things is fast becoming a reality. By the year 2020, the analyst firm Gartner predicts, there will be more than 26 billion Internet-connected "things"not including PCs, tablets, or smartphonesall of which are raising the challenges of cyber security to a whole new level.

[See also: Immune response system, honeypot: System-level IoT defense]

Recently, security researchers have offered a glimpse of potentially scary security scenarios that could unfold in the not too distant future. Here are seven that may be closer than you think.

Home office hack of 'Doom'


It might be tempting to play Doom on your printer in the off-hours when you are not answering emails or writing reports from the comfort of a home office. But the fact is that the Internet of Things is making the convenience of home also a target for attackers.

In September, at 44Con in London, researcher Mike Jordon showed off a hack of a Canon Pixma printer that let him modify the printer's firmware remotely so that its LED indicator screen could run the classic Doom video game.

Jordan demoed how to update the printer with a Trojan for spying on printed documents or to install malicious software on a network. But the commonplace printer isn't the only home office device that is vulnerable. It took Kaspersky Lab researcher David Jacoby less than 20 minutes to hack into his home office DSL router and network attached storage devices, where he found 14 vulnerabilities.

Ransomware by Thermostat


Imagine this scenario, suggested by @Somedude8: You enter your house, and the thermostat is set to 120 degrees. An email arrives in poorly written English asking for $500 to return control of your home heating system.

It's not all that far-fetched, as a trio of University of Central Florida researchers demonstrated at BlackHat 2014 by hacking into the Nest Learning Thermostat. In less than 15 seconds, they showed how an attacker can remove the Nest from its mount, plug in a micro USB cable, and backdoor the device, unbeknownst to the owner. The compromised Nest could be used to spy on the home, attack other devices on the network, or steal wireless network credentials.

Hack my ride

If you are in the market for the least hackable car this year, your best bet is the Audi A8, according to automobile vulnerability researchers Charlie Miller and Chris Valasek. But that doesn't give the connected car a free ride on the information highway.

Miller and Valasek's latest study looked for ways a hacker could access the car's network by breaking into its wireless-enabled radio, for instance, and issuing commands to the automated steering, parking, braking, or driving mechanisms.

Hack my ride

The research is bad news for owners of a 2014 Jeep Cherokee, a 2014 Infiniti Q50, or a 2015 Escalade. Yes, your car has cool, state-of-the-art network technology. But it's also most likely to get attacked via Bluetooth, telematics, or the onboard phone app. Now the good news: Security researchers are pressuring the auto industry to improve car cyber security safety.

Recent efforts include I Am The Cavalry's Five Star Automotive Cyber Safety Program and an information-sharing initiative between the Alliance of Automobile Manufacturers and the Association of Global Automakers.

1???2?Next Page?Last Page

Article Comments - Beware of the Thing: Seven alarming ...
*? You can enter [0] more charecters.
*Verify code:


Visit Asia Webinars to learn about the latest in technology and get practical design tips.

Back to Top