The Internet of (hacked) Things
Originally published on TrackTalk [December 2015]
With new wireless technologies ready to eliminate the mundane and improve our well-being, life, it seems, is getting easier every day. Already we can adjust a thermostat from our smartphone, allow doctors to monitor patients from hundreds of miles away, record exercise and sleeping patterns from a watch, and even measure our chew rate using a Bluetooth-connected fork.
According to consultant Gartner, 4.9 billion of these smart devices are now active and up to 25 billion could be connected by 2020 to form what is now known as the “Internet of Things” (IoT).
The IoT concept paints a rosy picture of interconnected devices, home systems and transport modes all working in tandem to deliver a more efficient and prosperous society. It has the potential to end traffic congestion by introducing driverless cars, and overcome a long-term threat to honeybee populations.
However, there is a dark side to all of this. The risk of hackers bringing these systems to their knees and spreading chaos is threatening the success of this concept.
IoT is based on freely sharing large amounts of data widely and in real-time. Yet many of the platforms delivering this data are susceptible to attack, with three main areas of vulnerability:
- the communication protocol used to interact with the object
- the object itself and its firmware, and
- the M2M platform managing the connected objects.
Issues are emerging from using cheap components, the device’s small memories and batteries, and not using standard radio protocols. The tendency to produce software quickly and to develop patches to overcome any teething problems is also problematic, with cyber criminals already compromising these systems.
For example hackers have screened live footage from insecure webcams, baby monitors, security cameras and CCTV. Reports also suggest that criminals could soon tap into IoT-connected devices to determine when an individual is not at home or, most worryingly, to eliberately crash automated trains, with British engineers acknowledging that its new ETCS signalling system is vulnerable if hackers compromise the Scada-based application.
With private enterprises in energy, transport and mining all looking to IoT to improve their efficiency, it is essential that they are aware of the risks and take necessary precautions before it is too late.
Alcatel-Lucent is ready to help with this issue. At its IoT labs in Europe and the United States, all chipset manufacturers or connected device suppliers can test their product with any 3G or 4G network and frequency deployed anywhere in the world. Alcatel-Lucent experts are also available to inspect each line of code that makes up a firmware application or device to make sure it is secure.
In addition, the company’s M2M service management solution, Motive, manages communication with the connected object, and checks its integrity. It is also capable of managing devices, their firmware, and configuration, and collects and stores data for use by business applications and business analytics software.
Motive brings intelligence to M2M device management. It also provides the reassurance that as the IoT develops, it does so safely and securely so we can all benefit and not live in fear.
To find out more about Alcatel-Lucent’s M2M solutions, click here: http://www.alcatel-lucent.com/solutions/motive-machine-to-machine-service-management and visit our site: http://www.alcatel-lucent.com/highways